VirtualBox

Ticket #15263: VBoxHardening.log

File VBoxHardening.log, 357.9 KB (added by dbarr80, 9 years ago)
Line 
1334.e48: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2334.e48: \SystemRoot\System32\ntdll.dll:
3334.e48: CreationTime: 2016-01-26T18:49:21.836875500Z
4334.e48: LastWriteTime: 2015-12-30T19:05:33.659216000Z
5334.e48: ChangeTime: 2016-01-26T21:56:31.754646400Z
6334.e48: FileAttributes: 0x20
7334.e48: Size: 0x1a67c0
8334.e48: NT Headers: 0xe0
9334.e48: Timestamp: 0x568429e5
10334.e48: Machine: 0x8664 - amd64
11334.e48: Timestamp: 0x568429e5
12334.e48: Image Version: 6.1
13334.e48: SizeOfImage: 0x1a9000 (1740800)
14334.e48: Resource Dir: 0x14d000 LB 0x5a028
15334.e48: ProductName: Microsoft® Windows® Operating System
16334.e48: ProductVersion: 6.1.7601.19110
17334.e48: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
18334.e48: FileDescription: NT Layer DLL
19334.e48: \SystemRoot\System32\kernel32.dll:
20334.e48: CreationTime: 2016-01-26T18:49:19.492741400Z
21334.e48: LastWriteTime: 2015-12-30T18:57:55.730000000Z
22334.e48: ChangeTime: 2016-01-26T21:56:32.456647600Z
23334.e48: FileAttributes: 0x20
24334.e48: Size: 0x11c000
25334.e48: NT Headers: 0xe8
26334.e48: Timestamp: 0x568429dc
27334.e48: Machine: 0x8664 - amd64
28334.e48: Timestamp: 0x568429dc
29334.e48: Image Version: 6.1
30334.e48: SizeOfImage: 0x11f000 (1175552)
31334.e48: Resource Dir: 0x116000 LB 0x528
32334.e48: ProductName: Microsoft® Windows® Operating System
33334.e48: ProductVersion: 6.1.7601.19110
34334.e48: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
35334.e48: FileDescription: Windows NT BASE API Client DLL
36334.e48: \SystemRoot\System32\KernelBase.dll:
37334.e48: CreationTime: 2016-01-26T18:49:19.237726800Z
38334.e48: LastWriteTime: 2015-12-30T18:57:55.761000000Z
39334.e48: ChangeTime: 2016-01-26T21:56:32.472247600Z
40334.e48: FileAttributes: 0x20
41334.e48: Size: 0x67a00
42334.e48: NT Headers: 0xe8
43334.e48: Timestamp: 0x568429dd
44334.e48: Machine: 0x8664 - amd64
45334.e48: Timestamp: 0x568429dd
46334.e48: Image Version: 6.1
47334.e48: SizeOfImage: 0x6c000 (442368)
48334.e48: Resource Dir: 0x6a000 LB 0x530
49334.e48: ProductName: Microsoft® Windows® Operating System
50334.e48: ProductVersion: 6.1.7601.19110
51334.e48: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
52334.e48: FileDescription: Windows NT BASE API Client DLL
53334.e48: \SystemRoot\System32\apisetschema.dll:
54334.e48: CreationTime: 2016-01-26T18:49:09.984197600Z
55334.e48: LastWriteTime: 2015-12-30T18:54:58.839000000Z
56334.e48: ChangeTime: 2016-01-26T21:56:31.645446200Z
57334.e48: FileAttributes: 0x20
58334.e48: Size: 0x1a00
59334.e48: NT Headers: 0xc0
60334.e48: Timestamp: 0x568428c9
61334.e48: Machine: 0x8664 - amd64
62334.e48: Timestamp: 0x568428c9
63334.e48: Image Version: 6.1
64334.e48: SizeOfImage: 0x50000 (327680)
65334.e48: Resource Dir: 0x30000 LB 0x3f8
66334.e48: ProductName: Microsoft® Windows® Operating System
67334.e48: ProductVersion: 6.1.7601.19110
68334.e48: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
69334.e48: FileDescription: ApiSet Schema DLL
70334.e48: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71334.e48: supR3HardenedWinFindAdversaries: 0x480
72334.e48: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
73334.e48: CreationTime: 2014-05-13T15:27:59.765588000Z
74334.e48: LastWriteTime: 2016-03-21T18:38:29.470729100Z
75334.e48: ChangeTime: 2016-03-21T18:38:29.470729100Z
76334.e48: FileAttributes: 0x20
77334.e48: Size: 0x2eed8
78334.e48: NT Headers: 0xe0
79334.e48: Timestamp: 0x55b855d9
80334.e48: Machine: 0x8664 - amd64
81334.e48: Timestamp: 0x55b855d9
82334.e48: Image Version: 6.1
83334.e48: SizeOfImage: 0x33000 (208896)
84334.e48: Resource Dir: 0x31000 LB 0x3b8
85334.e48: ProductName: Malwarebytes Anti-Malware
86334.e48: ProductVersion: 0.3.0.0
87334.e48: FileVersion: 0.3.0.0
88334.e48: FileDescription: Malwarebytes Anti-Malware
89334.e48: \SystemRoot\System32\drivers\mwac.sys:
90334.e48: CreationTime: 2014-05-13T15:27:38.877393300Z
91334.e48: LastWriteTime: 2015-10-05T12:50:18.000000000Z
92334.e48: ChangeTime: 2015-10-19T20:47:27.768196000Z
93334.e48: FileAttributes: 0x20
94334.e48: Size: 0xf8d8
95334.e48: NT Headers: 0xf8
96334.e48: Timestamp: 0x53a0f42a
97334.e48: Machine: 0x8664 - amd64
98334.e48: Timestamp: 0x53a0f42a
99334.e48: Image Version: 6.2
100334.e48: SizeOfImage: 0x12000 (73728)
101334.e48: Resource Dir: 0x10000 LB 0x3e0
102334.e48: ProductName: Malwarebytes Web Access Control
103334.e48: ProductVersion: 1.0.6.0
104334.e48: FileVersion: 1.0.6.0
105334.e48: FileDescription: Malwarebytes Web Access Control
106334.e48: \SystemRoot\System32\drivers\mbamchameleon.sys:
107334.e48: CreationTime: 2014-05-13T15:27:38.901394700Z
108334.e48: LastWriteTime: 2015-10-05T12:50:10.000000000Z
109334.e48: ChangeTime: 2015-10-19T20:47:28.003209500Z
110334.e48: FileAttributes: 0x20
111334.e48: Size: 0x1aad8
112334.e48: NT Headers: 0xd8
113334.e48: Timestamp: 0x55c103c3
114334.e48: Machine: 0x8664 - amd64
115334.e48: Timestamp: 0x55c103c3
116334.e48: Image Version: 6.1
117334.e48: SizeOfImage: 0x1e000 (122880)
118334.e48: Resource Dir: 0x1c000 LB 0xba8
119334.e48: ProductName: Malwarebytes Chameleon
120334.e48: ProductVersion: 1.1.21.0
121334.e48: FileVersion: 1.1.21.0
122334.e48: FileDescription: Malwarebytes Chameleon Protection Driver
123334.e48: \SystemRoot\System32\drivers\mbam.sys:
124334.e48: CreationTime: 2011-12-14T12:06:54.432743500Z
125334.e48: LastWriteTime: 2015-10-05T12:50:06.000000000Z
126334.e48: ChangeTime: 2015-10-19T20:47:27.704192400Z
127334.e48: FileAttributes: 0x20
128334.e48: Size: 0x64d8
129334.e48: NT Headers: 0xd8
130334.e48: Timestamp: 0x55ca3257
131334.e48: Machine: 0x8664 - amd64
132334.e48: Timestamp: 0x55ca3257
133334.e48: Image Version: 6.1
134334.e48: SizeOfImage: 0xa000 (40960)
135334.e48: Resource Dir: 0x8000 LB 0x3a0
136334.e48: ProductName: Malwarebytes Anti-Malware
137334.e48: ProductVersion: 0.1.16.0
138334.e48: FileVersion: 0.1.16.0
139334.e48: FileDescription: Malwarebytes Anti-Malware
140334.e48: \SystemRoot\System32\drivers\MpFilter.sys:
141334.e48: CreationTime: 2015-03-04T22:34:52.000000000Z
142334.e48: LastWriteTime: 2015-03-04T22:34:52.000000000Z
143334.e48: ChangeTime: 2015-07-02T14:48:44.608325200Z
144334.e48: FileAttributes: 0x20
145334.e48: Size: 0x44738
146334.e48: NT Headers: 0xf0
147334.e48: Timestamp: 0x54efb880
148334.e48: Machine: 0x8664 - amd64
149334.e48: Timestamp: 0x54efb880
150334.e48: Image Version: 6.3
151334.e48: SizeOfImage: 0x44000 (278528)
152334.e48: Resource Dir: 0x42000 LB 0xd50
153334.e48: ProductName: Microsoft Malware Protection
154334.e48: ProductVersion: 4.8.0200.0
155334.e48: FileVersion: 4.8.0200.0
156334.e48: FileDescription: Microsoft antimalware file system filter driver
157334.e48: \SystemRoot\System32\drivers\NisDrvWFP.sys:
158334.e48: CreationTime: 2011-04-27T18:25:24.000000000Z
159334.e48: LastWriteTime: 2015-03-04T22:34:52.000000000Z
160334.e48: ChangeTime: 2015-07-02T14:48:43.242247100Z
161334.e48: FileAttributes: 0x20
162334.e48: Size: 0x1e698
163334.e48: NT Headers: 0xf0
164334.e48: Timestamp: 0x54efb8af
165334.e48: Machine: 0x8664 - amd64
166334.e48: Timestamp: 0x54efb8af
167334.e48: Image Version: 6.3
168334.e48: SizeOfImage: 0x1f000 (126976)
169334.e48: Resource Dir: 0x1c000 LB 0x1b90
170334.e48: ProductName: Microsoft Malware Protection
171334.e48: ProductVersion: 4.8.0200.0
172334.e48: FileVersion: 4.8.0200.0
173334.e48: FileDescription: Microsoft Network Realtime Inspection Driver
174334.e48: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
175334.e48: Calling main()
176334.e48: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
177334.e48: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
178334.e48: SUPR3HardenedMain: Respawn #1
179334.e48: System32: \Device\HarddiskVolume1\Windows\System32
180334.e48: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
181334.e48: KnownDllPath: C:\Windows\system32
182334.e48: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
183334.e48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
184334.e48: supR3HardNtEnableThreadCreation:
185334.e48: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007756b630 pvNtTerminateThread=000000007758dee0
186334.e48: supR3HardenedWinDoReSpawn(1): New child 8bc.1238 [kernel32].
187334.e48: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380
188334.e48: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077540000 uNtDllChildAddr=0000000077540000
189334.e48: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007756b630
190334.e48: supR3HardenedWinSetupChildInit: Start child.
191334.e48: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
192334.e48: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 64 sleeps
193334.e48: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
194334.e48: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
195334.e48: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
196334.e48: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
197334.e48: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
198334.e48: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
199334.e48: 0000000000041000-ffffffffffe61fff 0x0001/0x0000 0x0000000
200334.e48: *0000000000220000-0000000000123fff 0x0000/0x0004 0x0020000
201334.e48: 000000000031c000-0000000000318fff 0x0104/0x0004 0x0020000
202334.e48: 000000000031f000-000000000031dfff 0x0004/0x0004 0x0020000
203334.e48: 0000000000320000-ffffffff890fffff 0x0001/0x0000 0x0000000
204334.e48: *0000000077540000-0000000077540fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
205334.e48: 0000000077541000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
206334.e48: 000000007763f000-000000007766dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
207334.e48: 000000007766e000-0000000077675fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
208334.e48: 0000000077676000-0000000077676fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
209334.e48: 0000000077677000-0000000077679fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
210334.e48: 000000007767a000-00000000776e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
211334.e48: 00000000776e9000-000000006fdf1fff 0x0001/0x0000 0x0000000
212334.e48: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
213334.e48: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
214334.e48: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
215334.e48: 000000007fff0000-ffffffffc04affff 0x0001/0x0000 0x0000000
216334.e48: *000000013fb30000-000000013fb30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
217334.e48: 000000013fb31000-000000013fbb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
218334.e48: 000000013fbb8000-000000013fbb8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
219334.e48: 000000013fbb9000-000000013fc03fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
220334.e48: 000000013fc04000-000000013fc04fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
221334.e48: 000000013fc05000-000000013fc05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
222334.e48: 000000013fc06000-000000013fc0afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
223334.e48: 000000013fc0b000-000000013fc0bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
224334.e48: 000000013fc0c000-000000013fc0cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
225334.e48: 000000013fc0d000-000000013fc10fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
226334.e48: 000000013fc11000-000000013fc5bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
227334.e48: 000000013fc5c000-fffff80380057fff 0x0001/0x0000 0x0000000
228334.e48: *000007feff860000-000007feff860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
229334.e48: 000007feff861000-000007fdff111fff 0x0001/0x0000 0x0000000
230334.e48: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
231334.e48: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000
232334.e48: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000
233334.e48: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000
234334.e48: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
235334.e48: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
236334.e48: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
237334.e48: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
238334.e48: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
239334.e48: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
240334.e48: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
241334.e48: supR3HardNtChildPurify: Done after 537 ms and 0 fixes (loop #0).
2428bc.1238: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2438bc.1238: supR3HardenedVmProcessInit: uNtDllAddr=0000000077540000
244334.e48: supR3HardNtEnableThreadCreation:
2458bc.1238: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
2468bc.1238: New simple heap: #1 0000000000320000 LB 0x400000 (for 1740800 allocation)
2478bc.1238: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
2488bc.1238: System32: \Device\HarddiskVolume1\Windows\System32
2498bc.1238: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
2508bc.1238: KnownDllPath: C:\Windows\system32
2518bc.1238: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2528bc.1238: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2538bc.1238: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2548bc.1238: Registered Dll notification callback with NTDLL.
2558bc.1238: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
2568bc.1238: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
2578bc.1238: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2588bc.1238: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2598bc.1238: supR3HardenedDllNotificationCallback: load 0000000077420000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
2608bc.1238: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2618bc.1238: supR3HardenedDllNotificationCallback: load 000007fefd440000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
2628bc.1238: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
2638bc.1238: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
2648bc.1238: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32\kernel32.dll'
2658bc.1238: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007756b630 pvNtTerminateThread=000000007758dee0
266334.e48: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 29 ms.
2678bc.1238: \SystemRoot\System32\ntdll.dll:
2688bc.1238: CreationTime: 2016-01-26T18:49:21.836875500Z
2698bc.1238: LastWriteTime: 2015-12-30T19:05:33.659216000Z
2708bc.1238: ChangeTime: 2016-01-26T21:56:31.754646400Z
2718bc.1238: FileAttributes: 0x20
2728bc.1238: Size: 0x1a67c0
2738bc.1238: NT Headers: 0xe0
2748bc.1238: Timestamp: 0x568429e5
2758bc.1238: Machine: 0x8664 - amd64
2768bc.1238: Timestamp: 0x568429e5
2778bc.1238: Image Version: 6.1
2788bc.1238: SizeOfImage: 0x1a9000 (1740800)
2798bc.1238: Resource Dir: 0x14d000 LB 0x5a028
2808bc.1238: ProductName: Microsoft® Windows® Operating System
2818bc.1238: ProductVersion: 6.1.7601.19110
2828bc.1238: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2838bc.1238: FileDescription: NT Layer DLL
2848bc.1238: \SystemRoot\System32\kernel32.dll:
2858bc.1238: CreationTime: 2016-01-26T18:49:19.492741400Z
2868bc.1238: LastWriteTime: 2015-12-30T18:57:55.730000000Z
2878bc.1238: ChangeTime: 2016-01-26T21:56:32.456647600Z
2888bc.1238: FileAttributes: 0x20
2898bc.1238: Size: 0x11c000
2908bc.1238: NT Headers: 0xe8
2918bc.1238: Timestamp: 0x568429dc
2928bc.1238: Machine: 0x8664 - amd64
2938bc.1238: Timestamp: 0x568429dc
2948bc.1238: Image Version: 6.1
2958bc.1238: SizeOfImage: 0x11f000 (1175552)
2968bc.1238: Resource Dir: 0x116000 LB 0x528
2978bc.1238: ProductName: Microsoft® Windows® Operating System
2988bc.1238: ProductVersion: 6.1.7601.19110
2998bc.1238: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
3008bc.1238: FileDescription: Windows NT BASE API Client DLL
3018bc.1238: \SystemRoot\System32\KernelBase.dll:
3028bc.1238: CreationTime: 2016-01-26T18:49:19.237726800Z
3038bc.1238: LastWriteTime: 2015-12-30T18:57:55.761000000Z
3048bc.1238: ChangeTime: 2016-01-26T21:56:32.472247600Z
3058bc.1238: FileAttributes: 0x20
3068bc.1238: Size: 0x67a00
3078bc.1238: NT Headers: 0xe8
3088bc.1238: Timestamp: 0x568429dd
3098bc.1238: Machine: 0x8664 - amd64
3108bc.1238: Timestamp: 0x568429dd
3118bc.1238: Image Version: 6.1
3128bc.1238: SizeOfImage: 0x6c000 (442368)
3138bc.1238: Resource Dir: 0x6a000 LB 0x530
3148bc.1238: ProductName: Microsoft® Windows® Operating System
3158bc.1238: ProductVersion: 6.1.7601.19110
3168bc.1238: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
3178bc.1238: FileDescription: Windows NT BASE API Client DLL
3188bc.1238: \SystemRoot\System32\apisetschema.dll:
3198bc.1238: CreationTime: 2016-01-26T18:49:09.984197600Z
3208bc.1238: LastWriteTime: 2015-12-30T18:54:58.839000000Z
3218bc.1238: ChangeTime: 2016-01-26T21:56:31.645446200Z
3228bc.1238: FileAttributes: 0x20
3238bc.1238: Size: 0x1a00
3248bc.1238: NT Headers: 0xc0
3258bc.1238: Timestamp: 0x568428c9
3268bc.1238: Machine: 0x8664 - amd64
3278bc.1238: Timestamp: 0x568428c9
3288bc.1238: Image Version: 6.1
3298bc.1238: SizeOfImage: 0x50000 (327680)
3308bc.1238: Resource Dir: 0x30000 LB 0x3f8
3318bc.1238: ProductName: Microsoft® Windows® Operating System
3328bc.1238: ProductVersion: 6.1.7601.19110
3338bc.1238: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
3348bc.1238: FileDescription: ApiSet Schema DLL
3358bc.1238: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3368bc.1238: supR3HardenedWinFindAdversaries: 0x480
3378bc.1238: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
3388bc.1238: CreationTime: 2014-05-13T15:27:59.765588000Z
3398bc.1238: LastWriteTime: 2016-03-21T18:38:29.470729100Z
3408bc.1238: ChangeTime: 2016-03-21T18:38:29.470729100Z
3418bc.1238: FileAttributes: 0x20
3428bc.1238: Size: 0x2eed8
3438bc.1238: NT Headers: 0xe0
3448bc.1238: Timestamp: 0x55b855d9
3458bc.1238: Machine: 0x8664 - amd64
3468bc.1238: Timestamp: 0x55b855d9
3478bc.1238: Image Version: 6.1
3488bc.1238: SizeOfImage: 0x33000 (208896)
3498bc.1238: Resource Dir: 0x31000 LB 0x3b8
3508bc.1238: ProductName: Malwarebytes Anti-Malware
3518bc.1238: ProductVersion: 0.3.0.0
3528bc.1238: FileVersion: 0.3.0.0
3538bc.1238: FileDescription: Malwarebytes Anti-Malware
3548bc.1238: \SystemRoot\System32\drivers\mwac.sys:
3558bc.1238: CreationTime: 2014-05-13T15:27:38.877393300Z
3568bc.1238: LastWriteTime: 2015-10-05T12:50:18.000000000Z
3578bc.1238: ChangeTime: 2015-10-19T20:47:27.768196000Z
3588bc.1238: FileAttributes: 0x20
3598bc.1238: Size: 0xf8d8
3608bc.1238: NT Headers: 0xf8
3618bc.1238: Timestamp: 0x53a0f42a
3628bc.1238: Machine: 0x8664 - amd64
3638bc.1238: Timestamp: 0x53a0f42a
3648bc.1238: Image Version: 6.2
3658bc.1238: SizeOfImage: 0x12000 (73728)
3668bc.1238: Resource Dir: 0x10000 LB 0x3e0
3678bc.1238: ProductName: Malwarebytes Web Access Control
3688bc.1238: ProductVersion: 1.0.6.0
3698bc.1238: FileVersion: 1.0.6.0
3708bc.1238: FileDescription: Malwarebytes Web Access Control
3718bc.1238: \SystemRoot\System32\drivers\mbamchameleon.sys:
3728bc.1238: CreationTime: 2014-05-13T15:27:38.901394700Z
3738bc.1238: LastWriteTime: 2015-10-05T12:50:10.000000000Z
3748bc.1238: ChangeTime: 2015-10-19T20:47:28.003209500Z
3758bc.1238: FileAttributes: 0x20
3768bc.1238: Size: 0x1aad8
3778bc.1238: NT Headers: 0xd8
3788bc.1238: Timestamp: 0x55c103c3
3798bc.1238: Machine: 0x8664 - amd64
3808bc.1238: Timestamp: 0x55c103c3
3818bc.1238: Image Version: 6.1
3828bc.1238: SizeOfImage: 0x1e000 (122880)
3838bc.1238: Resource Dir: 0x1c000 LB 0xba8
3848bc.1238: ProductName: Malwarebytes Chameleon
3858bc.1238: ProductVersion: 1.1.21.0
3868bc.1238: FileVersion: 1.1.21.0
3878bc.1238: FileDescription: Malwarebytes Chameleon Protection Driver
3888bc.1238: \SystemRoot\System32\drivers\mbam.sys:
3898bc.1238: CreationTime: 2011-12-14T12:06:54.432743500Z
3908bc.1238: LastWriteTime: 2015-10-05T12:50:06.000000000Z
3918bc.1238: ChangeTime: 2015-10-19T20:47:27.704192400Z
3928bc.1238: FileAttributes: 0x20
3938bc.1238: Size: 0x64d8
3948bc.1238: NT Headers: 0xd8
3958bc.1238: Timestamp: 0x55ca3257
3968bc.1238: Machine: 0x8664 - amd64
3978bc.1238: Timestamp: 0x55ca3257
3988bc.1238: Image Version: 6.1
3998bc.1238: SizeOfImage: 0xa000 (40960)
4008bc.1238: Resource Dir: 0x8000 LB 0x3a0
4018bc.1238: ProductName: Malwarebytes Anti-Malware
4028bc.1238: ProductVersion: 0.1.16.0
4038bc.1238: FileVersion: 0.1.16.0
4048bc.1238: FileDescription: Malwarebytes Anti-Malware
4058bc.1238: \SystemRoot\System32\drivers\MpFilter.sys:
4068bc.1238: CreationTime: 2015-03-04T22:34:52.000000000Z
4078bc.1238: LastWriteTime: 2015-03-04T22:34:52.000000000Z
4088bc.1238: ChangeTime: 2015-07-02T14:48:44.608325200Z
4098bc.1238: FileAttributes: 0x20
4108bc.1238: Size: 0x44738
4118bc.1238: NT Headers: 0xf0
4128bc.1238: Timestamp: 0x54efb880
4138bc.1238: Machine: 0x8664 - amd64
4148bc.1238: Timestamp: 0x54efb880
4158bc.1238: Image Version: 6.3
4168bc.1238: SizeOfImage: 0x44000 (278528)
4178bc.1238: Resource Dir: 0x42000 LB 0xd50
4188bc.1238: ProductName: Microsoft Malware Protection
4198bc.1238: ProductVersion: 4.8.0200.0
4208bc.1238: FileVersion: 4.8.0200.0
4218bc.1238: FileDescription: Microsoft antimalware file system filter driver
4228bc.1238: \SystemRoot\System32\drivers\NisDrvWFP.sys:
4238bc.1238: CreationTime: 2011-04-27T18:25:24.000000000Z
4248bc.1238: LastWriteTime: 2015-03-04T22:34:52.000000000Z
4258bc.1238: ChangeTime: 2015-07-02T14:48:43.242247100Z
4268bc.1238: FileAttributes: 0x20
4278bc.1238: Size: 0x1e698
4288bc.1238: NT Headers: 0xf0
4298bc.1238: Timestamp: 0x54efb8af
4308bc.1238: Machine: 0x8664 - amd64
4318bc.1238: Timestamp: 0x54efb8af
4328bc.1238: Image Version: 6.3
4338bc.1238: SizeOfImage: 0x1f000 (126976)
4348bc.1238: Resource Dir: 0x1c000 LB 0x1b90
4358bc.1238: ProductName: Microsoft Malware Protection
4368bc.1238: ProductVersion: 4.8.0200.0
4378bc.1238: FileVersion: 4.8.0200.0
4388bc.1238: FileDescription: Microsoft Network Realtime Inspection Driver
4398bc.1238: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
4408bc.1238: Calling main()
4418bc.1238: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4428bc.1238: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
4438bc.1238: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4448bc.1238: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4458bc.1238: SUPR3HardenedMain: Respawn #2
4468bc.1238: supR3HardNtEnableThreadCreation:
4478bc.1238: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
4488bc.1238: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
4498bc.1238: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4508bc.1238: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4518bc.1238: supR3HardenedDllNotificationCallback: load 000007fefd120000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
4528bc.1238: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4538bc.1238: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd120000 'C:\Windows\system32\apphelp.dll'
4548bc.1238: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007756b630 pvNtTerminateThread=000000007758dee0
4558bc.1238: supR3HardenedWinDoReSpawn(2): New child 1170.668 [kernel32].
4568bc.1238: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd8000 cbPeb=0x380
4578bc.1238: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077540000 uNtDllChildAddr=0000000077540000
4588bc.1238: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007756b630
4598bc.1238: supR3HardenedWinSetupChildInit: Start child.
4608bc.1238: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4618bc.1238: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
4628bc.1238: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4638bc.1238: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
4648bc.1238: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
4658bc.1238: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
4668bc.1238: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
4678bc.1238: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
4688bc.1238: 0000000000041000-fffffffffff51fff 0x0001/0x0000 0x0000000
4698bc.1238: *0000000000130000-0000000000033fff 0x0000/0x0004 0x0020000
4708bc.1238: 000000000022c000-0000000000228fff 0x0104/0x0004 0x0020000
4718bc.1238: 000000000022f000-000000000022dfff 0x0004/0x0004 0x0020000
4728bc.1238: 0000000000230000-ffffffff88f1ffff 0x0001/0x0000 0x0000000
4738bc.1238: *0000000077540000-0000000077540fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4748bc.1238: 0000000077541000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4758bc.1238: 000000007763f000-000000007766dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4768bc.1238: 000000007766e000-0000000077675fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4778bc.1238: 0000000077676000-0000000077676fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4788bc.1238: 0000000077677000-0000000077679fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4798bc.1238: 000000007767a000-00000000776e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4808bc.1238: 00000000776e9000-000000006fdf1fff 0x0001/0x0000 0x0000000
4818bc.1238: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
4828bc.1238: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4838bc.1238: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4848bc.1238: 000000007fff0000-ffffffffc04affff 0x0001/0x0000 0x0000000
4858bc.1238: *000000013fb30000-000000013fb30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4868bc.1238: 000000013fb31000-000000013fbb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4878bc.1238: 000000013fbb8000-000000013fbb8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4888bc.1238: 000000013fbb9000-000000013fc03fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4898bc.1238: 000000013fc04000-000000013fc04fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4908bc.1238: 000000013fc05000-000000013fc05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4918bc.1238: 000000013fc06000-000000013fc0afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4928bc.1238: 000000013fc0b000-000000013fc0bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4938bc.1238: 000000013fc0c000-000000013fc0cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4948bc.1238: 000000013fc0d000-000000013fc10fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4958bc.1238: 000000013fc11000-000000013fc5bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4968bc.1238: 000000013fc5c000-fffff80380057fff 0x0001/0x0000 0x0000000
4978bc.1238: *000007feff860000-000007feff860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
4988bc.1238: 000007feff861000-000007fdff111fff 0x0001/0x0000 0x0000000
4998bc.1238: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
5008bc.1238: 000007fffffd3000-000007fffffcdfff 0x0001/0x0000 0x0000000
5018bc.1238: *000007fffffd8000-000007fffffd6fff 0x0004/0x0004 0x0020000
5028bc.1238: 000007fffffd9000-000007fffffd3fff 0x0001/0x0000 0x0000000
5038bc.1238: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
5048bc.1238: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
5058bc.1238: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
5068bc.1238: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
5078bc.1238: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5088bc.1238: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
5098bc.1238: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
5108bc.1238: supR3HardNtChildPurify: Done after 545 ms and 0 fixes (loop #0).
5111170.668: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
5121170.668: supR3HardenedVmProcessInit: uNtDllAddr=0000000077540000
5131170.668: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
5141170.668: New simple heap: #1 0000000000330000 LB 0x400000 (for 1740800 allocation)
5158bc.1238: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000320000 LB 0x400000)
5168bc.1238: supR3HardNtEnableThreadCreation:
5171170.668: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
5181170.668: System32: \Device\HarddiskVolume1\Windows\System32
5191170.668: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
5201170.668: KnownDllPath: C:\Windows\system32
5211170.668: supR3HardenedVmProcessInit: Opening vboxdrv...
5221170.668: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
5231170.668: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
5241170.668: Registered Dll notification callback with NTDLL.
5251170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
5261170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
5271170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
5281170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5291170.668: supR3HardenedDllNotificationCallback: load 0000000077420000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
5301170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5311170.668: supR3HardenedDllNotificationCallback: load 000007fefd440000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
5321170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
5331170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
5341170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32\kernel32.dll'
5351170.668: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007756b630 pvNtTerminateThread=000000007758dee0
5368bc.1238: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 35 ms.
5371170.668: \SystemRoot\System32\ntdll.dll:
5381170.668: CreationTime: 2016-01-26T18:49:21.836875500Z
5391170.668: LastWriteTime: 2015-12-30T19:05:33.659216000Z
5401170.668: ChangeTime: 2016-01-26T21:56:31.754646400Z
5411170.668: FileAttributes: 0x20
5421170.668: Size: 0x1a67c0
5431170.668: NT Headers: 0xe0
5441170.668: Timestamp: 0x568429e5
5451170.668: Machine: 0x8664 - amd64
5461170.668: Timestamp: 0x568429e5
5471170.668: Image Version: 6.1
5481170.668: SizeOfImage: 0x1a9000 (1740800)
5491170.668: Resource Dir: 0x14d000 LB 0x5a028
5501170.668: ProductName: Microsoft® Windows® Operating System
5511170.668: ProductVersion: 6.1.7601.19110
5521170.668: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
5531170.668: FileDescription: NT Layer DLL
5541170.668: \SystemRoot\System32\kernel32.dll:
5551170.668: CreationTime: 2016-01-26T18:49:19.492741400Z
5561170.668: LastWriteTime: 2015-12-30T18:57:55.730000000Z
5571170.668: ChangeTime: 2016-01-26T21:56:32.456647600Z
5581170.668: FileAttributes: 0x20
5591170.668: Size: 0x11c000
5601170.668: NT Headers: 0xe8
5611170.668: Timestamp: 0x568429dc
5621170.668: Machine: 0x8664 - amd64
5631170.668: Timestamp: 0x568429dc
5641170.668: Image Version: 6.1
5651170.668: SizeOfImage: 0x11f000 (1175552)
5661170.668: Resource Dir: 0x116000 LB 0x528
5671170.668: ProductName: Microsoft® Windows® Operating System
5681170.668: ProductVersion: 6.1.7601.19110
5691170.668: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
5701170.668: FileDescription: Windows NT BASE API Client DLL
5711170.668: \SystemRoot\System32\KernelBase.dll:
5721170.668: CreationTime: 2016-01-26T18:49:19.237726800Z
5731170.668: LastWriteTime: 2015-12-30T18:57:55.761000000Z
5741170.668: ChangeTime: 2016-01-26T21:56:32.472247600Z
5751170.668: FileAttributes: 0x20
5761170.668: Size: 0x67a00
5771170.668: NT Headers: 0xe8
5781170.668: Timestamp: 0x568429dd
5791170.668: Machine: 0x8664 - amd64
5801170.668: Timestamp: 0x568429dd
5811170.668: Image Version: 6.1
5821170.668: SizeOfImage: 0x6c000 (442368)
5831170.668: Resource Dir: 0x6a000 LB 0x530
5841170.668: ProductName: Microsoft® Windows® Operating System
5851170.668: ProductVersion: 6.1.7601.19110
5861170.668: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
5871170.668: FileDescription: Windows NT BASE API Client DLL
5881170.668: \SystemRoot\System32\apisetschema.dll:
5891170.668: CreationTime: 2016-01-26T18:49:09.984197600Z
5901170.668: LastWriteTime: 2015-12-30T18:54:58.839000000Z
5911170.668: ChangeTime: 2016-01-26T21:56:31.645446200Z
5921170.668: FileAttributes: 0x20
5931170.668: Size: 0x1a00
5941170.668: NT Headers: 0xc0
5951170.668: Timestamp: 0x568428c9
5961170.668: Machine: 0x8664 - amd64
5971170.668: Timestamp: 0x568428c9
5981170.668: Image Version: 6.1
5991170.668: SizeOfImage: 0x50000 (327680)
6001170.668: Resource Dir: 0x30000 LB 0x3f8
6011170.668: ProductName: Microsoft® Windows® Operating System
6021170.668: ProductVersion: 6.1.7601.19110
6031170.668: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
6041170.668: FileDescription: ApiSet Schema DLL
6051170.668: NtOpenDirectoryObject failed on \Driver: 0xc0000022
6061170.668: supR3HardenedWinFindAdversaries: 0x480
6071170.668: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
6081170.668: CreationTime: 2014-05-13T15:27:59.765588000Z
6091170.668: LastWriteTime: 2016-03-21T18:38:29.470729100Z
6101170.668: ChangeTime: 2016-03-21T18:38:29.470729100Z
6111170.668: FileAttributes: 0x20
6121170.668: Size: 0x2eed8
6131170.668: NT Headers: 0xe0
6141170.668: Timestamp: 0x55b855d9
6151170.668: Machine: 0x8664 - amd64
6161170.668: Timestamp: 0x55b855d9
6171170.668: Image Version: 6.1
6181170.668: SizeOfImage: 0x33000 (208896)
6191170.668: Resource Dir: 0x31000 LB 0x3b8
6201170.668: ProductName: Malwarebytes Anti-Malware
6211170.668: ProductVersion: 0.3.0.0
6221170.668: FileVersion: 0.3.0.0
6231170.668: FileDescription: Malwarebytes Anti-Malware
6241170.668: \SystemRoot\System32\drivers\mwac.sys:
6251170.668: CreationTime: 2014-05-13T15:27:38.877393300Z
6261170.668: LastWriteTime: 2015-10-05T12:50:18.000000000Z
6271170.668: ChangeTime: 2015-10-19T20:47:27.768196000Z
6281170.668: FileAttributes: 0x20
6291170.668: Size: 0xf8d8
6301170.668: NT Headers: 0xf8
6311170.668: Timestamp: 0x53a0f42a
6321170.668: Machine: 0x8664 - amd64
6331170.668: Timestamp: 0x53a0f42a
6341170.668: Image Version: 6.2
6351170.668: SizeOfImage: 0x12000 (73728)
6361170.668: Resource Dir: 0x10000 LB 0x3e0
6371170.668: ProductName: Malwarebytes Web Access Control
6381170.668: ProductVersion: 1.0.6.0
6391170.668: FileVersion: 1.0.6.0
6401170.668: FileDescription: Malwarebytes Web Access Control
6411170.668: \SystemRoot\System32\drivers\mbamchameleon.sys:
6421170.668: CreationTime: 2014-05-13T15:27:38.901394700Z
6431170.668: LastWriteTime: 2015-10-05T12:50:10.000000000Z
6441170.668: ChangeTime: 2015-10-19T20:47:28.003209500Z
6451170.668: FileAttributes: 0x20
6461170.668: Size: 0x1aad8
6471170.668: NT Headers: 0xd8
6481170.668: Timestamp: 0x55c103c3
6491170.668: Machine: 0x8664 - amd64
6501170.668: Timestamp: 0x55c103c3
6511170.668: Image Version: 6.1
6521170.668: SizeOfImage: 0x1e000 (122880)
6531170.668: Resource Dir: 0x1c000 LB 0xba8
6541170.668: ProductName: Malwarebytes Chameleon
6551170.668: ProductVersion: 1.1.21.0
6561170.668: FileVersion: 1.1.21.0
6571170.668: FileDescription: Malwarebytes Chameleon Protection Driver
6581170.668: \SystemRoot\System32\drivers\mbam.sys:
6591170.668: CreationTime: 2011-12-14T12:06:54.432743500Z
6601170.668: LastWriteTime: 2015-10-05T12:50:06.000000000Z
6611170.668: ChangeTime: 2015-10-19T20:47:27.704192400Z
6621170.668: FileAttributes: 0x20
6631170.668: Size: 0x64d8
6641170.668: NT Headers: 0xd8
6651170.668: Timestamp: 0x55ca3257
6661170.668: Machine: 0x8664 - amd64
6671170.668: Timestamp: 0x55ca3257
6681170.668: Image Version: 6.1
6691170.668: SizeOfImage: 0xa000 (40960)
6701170.668: Resource Dir: 0x8000 LB 0x3a0
6711170.668: ProductName: Malwarebytes Anti-Malware
6721170.668: ProductVersion: 0.1.16.0
6731170.668: FileVersion: 0.1.16.0
6741170.668: FileDescription: Malwarebytes Anti-Malware
6751170.668: \SystemRoot\System32\drivers\MpFilter.sys:
6761170.668: CreationTime: 2015-03-04T22:34:52.000000000Z
6771170.668: LastWriteTime: 2015-03-04T22:34:52.000000000Z
6781170.668: ChangeTime: 2015-07-02T14:48:44.608325200Z
6791170.668: FileAttributes: 0x20
6801170.668: Size: 0x44738
6811170.668: NT Headers: 0xf0
6821170.668: Timestamp: 0x54efb880
6831170.668: Machine: 0x8664 - amd64
6841170.668: Timestamp: 0x54efb880
6851170.668: Image Version: 6.3
6861170.668: SizeOfImage: 0x44000 (278528)
6871170.668: Resource Dir: 0x42000 LB 0xd50
6881170.668: ProductName: Microsoft Malware Protection
6891170.668: ProductVersion: 4.8.0200.0
6901170.668: FileVersion: 4.8.0200.0
6911170.668: FileDescription: Microsoft antimalware file system filter driver
6921170.668: \SystemRoot\System32\drivers\NisDrvWFP.sys:
6931170.668: CreationTime: 2011-04-27T18:25:24.000000000Z
6941170.668: LastWriteTime: 2015-03-04T22:34:52.000000000Z
6951170.668: ChangeTime: 2015-07-02T14:48:43.242247100Z
6961170.668: FileAttributes: 0x20
6971170.668: Size: 0x1e698
6981170.668: NT Headers: 0xf0
6991170.668: Timestamp: 0x54efb8af
7001170.668: Machine: 0x8664 - amd64
7011170.668: Timestamp: 0x54efb8af
7021170.668: Image Version: 6.3
7031170.668: SizeOfImage: 0x1f000 (126976)
7041170.668: Resource Dir: 0x1c000 LB 0x1b90
7051170.668: ProductName: Microsoft Malware Protection
7061170.668: ProductVersion: 4.8.0200.0
7071170.668: FileVersion: 4.8.0200.0
7081170.668: FileDescription: Microsoft Network Realtime Inspection Driver
7091170.668: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7101170.668: Calling main()
7111170.668: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7121170.668: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7131170.668: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7141170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
7151170.668: SUPR3HardenedMain: Final process, opening VBoxDrv...
7161170.668: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000330000 LB 0x400000)
7171170.668: supR3HardNtEnableThreadCreation:
7181170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
7191170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
7201170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4140:C:\Windows\system32 [calling]
7211170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7221170.668: supR3HardenedDllNotificationCallback: load 000007fef5520000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
7231170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7241170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7251170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
7261170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5520000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7271170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7281170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
7291170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5520000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7301170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5520000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7311170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7321170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
7331170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
7341170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
7351170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
7361170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
7371170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7381170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7391170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
7401170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
7411170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
7421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
7431170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
7441170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
7451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7461170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7471170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7481170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
7491170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
7501170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
7511170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7521170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7531170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
7541170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
7551170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
7561170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
7571170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
7581170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7591170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7601170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7611170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4140:C:\Windows\system32 [calling]
7621170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7631170.668: supR3HardenedDllNotificationCallback: load 000007fefd660000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
7641170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7651170.668: supR3HardenedDllNotificationCallback: load 000007fefda00000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
7661170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7671170.668: supR3HardenedDllNotificationCallback: load 000007fefd4d0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
7681170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7691170.668: supR3HardenedDllNotificationCallback: load 000007fefd2f0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
7701170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
7711170.668: supR3HardenedDllNotificationCallback: load 000007fefd830000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
7721170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7731170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd660000 'C:\Windows\system32\Wintrust.dll'
7741170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
7751170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
7761170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000082d520:C:\Windows\system32 [calling]
7771170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7781170.668: supR3HardenedDllNotificationCallback: load 000007fefcc70000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
7791170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7801170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc70000 'C:\Windows\system32\bcrypt.dll'
7811170.668: bcrypt.dll loaded at 000007fefcc70000, BCryptOpenAlgorithmProvider at 000007fefcc72640, preloading providers:
7821170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
7831170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
7841170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
7851170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
7861170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
7871170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
7881170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7891170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7901170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
7911170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7921170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
7931170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
7941170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
7951170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7961170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7971170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7981170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7991170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8001170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8011170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8021170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
8031170.668: supR3HardenedDllNotificationCallback: load 000007fefc760000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
8041170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
8051170.668: supR3HardenedDllNotificationCallback: load 000007feff2e0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
8061170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8071170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8081170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
8091170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
8101170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
8111170.668: supR3HardenedDllNotificationCallback: load 000007fefd960000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
8121170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
8131170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc760000 'C:\Windows\system32\bcryptprimitives.dll'
8141170.668: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000082ec00)
8151170.668: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000831ac0)
8161170.668: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000831be0)
8171170.668: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000831df0)
8181170.668: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000831f10)
8191170.668: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000832030)
8201170.668: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000832270)
8211170.668: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000832390)
8221170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
8231170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
8241170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8251170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8261170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8271170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8291170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8301170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8311170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8321170.668: supR3HardenedDllNotificationCallback: load 000007fefcb20000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
8331170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8341170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\Windows\system32\CRYPTSP.dll'
8351170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8361170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
8371170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
8381170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8391170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8401170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8411170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8421170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8431170.668: supR3HardenedDllNotificationCallback: load 000007fefc820000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
8441170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8451170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc820000 'C:\Windows\system32\rsaenh.dll'
8461170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8471170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8481170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
8491170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
8501170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
8511170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8521170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
8531170.668: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
8541170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
8551170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\CRYPTBASE.dll'
8561170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
8571170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8581170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32\kernel32.dll'
8591170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8601170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8611170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd660000 'C:\Windows\system32\WINTRUST.DLL'
8621170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8631170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8641170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4d0000 'C:\Windows\system32\CRYPT32.dll'
8651170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8661170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
8671170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
8681170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
8691170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8701170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
8711170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8721170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8731170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8741170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8751170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8761170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
8771170.668: supR3HardenedDllNotificationCallback: load 000007fefdea0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
8781170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
8791170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdea0000 'C:\Windows\system32\imagehlp.dll'
8801170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8811170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
8821170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\Windows\system32\CRYPTSP.dll'
8831170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
8841170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
8851170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
8861170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8871170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8881170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
8891170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
8901170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
8911170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
8921170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
8931170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
8941170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
8951170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
8961170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
8971170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
8981170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
8991170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9001170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9011170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9021170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
9031170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
9041170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9051170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
9061170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
9071170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
9081170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
9091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9111170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9131170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9141170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9161170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9171170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9191170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9201170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9211170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9221170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9231170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9241170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
9251170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9261170.668: supR3HardenedDllNotificationCallback: load 0000000077320000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
9271170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9281170.668: supR3HardenedDllNotificationCallback: load 000007fefd980000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
9291170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9301170.668: supR3HardenedDllNotificationCallback: load 000007fefdec0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
9311170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
9321170.668: supR3HardenedDllNotificationCallback: load 000007fefe3d0000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
9331170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
9341170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9351170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
9361170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd980000 'C:\Windows\system32\gdi32.dll'
9371170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
9381170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
9391170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
9401170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
9411170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
9421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
9431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
9441170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9451170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
9461170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
9471170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
9481170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
9491170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
9501170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9511170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9521170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9531170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9541170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9551170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9561170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
9571170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
9581170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9591170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9601170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9611170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9621170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9641170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9671170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9681170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
9691170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9701170.668: supR3HardenedDllNotificationCallback: load 000007feff3c0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
9711170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9721170.668: supR3HardenedDllNotificationCallback: load 000007feff740000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
9731170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
9741170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff3c0000 'C:\Windows\system32\IMM32.DLL'
9751170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077320000 'C:\Windows\system32\USER32.dll'
9761170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
9771170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
9781170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
9791170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
9801170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
9811170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
9821170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
9831170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
9841170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9851170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9861170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9871170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
9881170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
9891170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9901170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
9911170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
9921170.668: supR3HardenedDllNotificationCallback: load 000007fefcca0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
9931170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
9941170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\ncrypt.dll'
9951170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9961170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
9971170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc70000 'C:\Windows\system32\bcrypt.dll'
9981170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9991170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
10001170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
10011170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
10021170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
10031170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
10041170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
10051170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10061170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
10071170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
10081170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10101170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10131170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10141170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10161170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10171170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10181170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
10191170.668: supR3HardenedDllNotificationCallback: load 000007fefd300000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
10201170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
10211170.668: supR3HardenedDllNotificationCallback: load 000007fefd2e0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
10221170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
10231170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\USERENV.dll'
10241170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10251170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10261170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10271170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10281170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10291170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
10301170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
10311170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
10321170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10331170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10341170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10351170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10361170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10371170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10381170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10391170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
10401170.668: supR3HardenedDllNotificationCallback: load 000007fefc590000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
10411170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
10421170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc590000 'C:\Windows\system32\GPAPI.dll'
10431170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10441170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-Management-L1-1-0.dll'
10451170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10461170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10471170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd830000 'C:\Windows\system32\rpcrt4.dll'
10481170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10491170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-Management-L2-1-0.dll'
10501170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10511170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10521170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10531170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
10541170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
10551170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
10561170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
10571170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
10581170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
10591170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
10601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10611170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
10621170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
10631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
10641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
10651170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
10661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10681170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
10691170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10701170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10711170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10721170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10731170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10741170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10751170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10761170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10771170.668: supR3HardenedDllNotificationCallback: load 000007fef5d20000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
10781170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10791170.668: supR3HardenedDllNotificationCallback: load 000007feff230000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
10801170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
10811170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10821170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10831170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10841170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10851170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10861170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10871170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10881170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10891170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10901170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10911170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10921170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10931170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10941170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10951170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10961170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10971170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
10981170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
10991170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11001170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11011170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11021170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11031170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11041170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11051170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11061170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11071170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11081170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11091170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11101170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11111170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\Windows\system32\cryptnet.dll'
11121170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11131170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
11141170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
11151170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11161170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2e0000 'C:\Windows\system32\profapi.dll'
11171170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11181170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11191170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
11201170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
11211170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
11221170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11231170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11241170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11251170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11261170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11271170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
11281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11291170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11301170.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11311170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11321170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
11331170.668: supR3HardenedDllNotificationCallback: load 000007fefded0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
11341170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
11351170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefded0000 'C:\Windows\system32\SHLWAPI.dll'
11361170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
11371170.668: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000888f70
11381170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11391170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=99113493CCEA6CE03AD58304FCE46D35B665BC85
11401170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11411170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
11421170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11431170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-Management-L1-1-0.dll'
11441170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11451170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
11461170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
11471170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11481170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
11491170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11501170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
11511170.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
11521170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
11531170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
11541170.668: g_pfnWinVerifyTrust=000007fefd661010
11551170.668: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
11561170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
11571170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11581170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11591170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
11601170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
11611170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11621170.668: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
11631170.668: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
11641170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
11651170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11661170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11671170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
11681170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
11691170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11701170.668: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
11711170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
11721170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11731170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11741170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
11751170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
11761170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11771170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
11781170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000378 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
11791170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11801170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11811170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
11821170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
11831170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11841170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
11851170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000374 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
11861170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11871170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11881170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=756DC088EE40CF9369C990D71B200F3CB59FC35D
11891170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
11901170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11911170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
11921170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000258 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
11931170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
11941170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
11951170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
11961170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
11971170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11981170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
11991170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
12001170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12011170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12021170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
12031170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
12041170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12051170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
12061170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
12071170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12081170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12091170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
12101170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
12111170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12121170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
12131170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
12141170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12151170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12161170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF6214D5B4EE4D004FA11B4426B0E781D4E918A9
12171170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
12181170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12191170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
12201170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
12211170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12221170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12231170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
12241170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
12251170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12261170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
12271170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
12281170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12291170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12301170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
12311170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
12321170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12331170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
12341170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
12351170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12361170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12371170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31498ABFB06219E83141E0AA8B2A55C4CECFD033
12381170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
12391170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12401170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
12411170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
12421170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12431170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12441170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FDBA63132AE4F561C5CFC5478222E40A2DAA2ACC
12451170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
12461170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12471170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
12481170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
12491170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12501170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12511170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E200CE23C0ADD95195EBA5616D50363CEA00DB25
12521170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3124001~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
12531170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12541170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
12551170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
12561170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12571170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12581170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=94AFB7B548C6C2376C6AEE4ECE2FA09C90F5FD4B
12591170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
12601170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12611170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
12621170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
12631170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12641170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12651170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
12661170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
12671170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12681170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
12691170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
12701170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12711170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12721170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C369CA0A282E9201E8C3399DEF1010F6DC0676FA
12731170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
12741170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12751170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
12761170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
12771170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
12781170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12791170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12801170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
12811170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
12821170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12831170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
12841170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
12851170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12861170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12871170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
12881170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
12891170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12901170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
12911170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
12921170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
12931170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
12941170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6964F437558F504725B2BE66A35240231044644F
12951170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3121918~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
12961170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12971170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
12981170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
12991170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
13001170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13011170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13021170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
13031170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
13041170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13051170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
13061170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
13071170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13081170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13091170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
13101170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
13111170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13121170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
13131170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
13141170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13151170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13161170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
13171170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
13181170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13191170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
13201170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
13211170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13221170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13231170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA2C80E31A4EEBFA49ACC284D4C1B701145978CB
13241170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
13251170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13261170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
13271170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
13281170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
13291170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13301170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13311170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=345936918DE59E26BE1BF613500ED5E48C26873F
13321170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
13331170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13341170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
13351170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
13361170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
13371170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
13381170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C5B3709F99BA1F5F78D42BD62B72E557388B5AE0
13391170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
13401170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13411170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
13421170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
13431170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d5af00:C:\Windows\system32 [calling]
13441170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4d0000 'C:\Windows\system32\crypt32.dll'
13451170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
13461170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
13471170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
13481170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
13491170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
13501170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
13511170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
13521170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
13531170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x75a2ccecb8259a00 C=TW, O=Government Root Certification Authority
13541170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
13551170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
13561170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
13571170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
13581170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
13591170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
13601170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
13611170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
13621170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
13631170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
13641170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
13651170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
13661170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
13671170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x2f371157ab2ac600 C=ES, O=Generalitat Valenciana, OU=PKIGVA, CN=Root CA Generalitat Valenciana
13681170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
13691170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
13701170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
13711170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
13721170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
13731170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
13741170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x5534b165029017e7 C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
13751170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
13761170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
13771170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
13781170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
13791170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x185da5e55536b700 C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Chambers of Commerce Root
13801170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
13811170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
13821170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
13831170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
13841170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
13851170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
13861170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
13871170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
13881170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
13891170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
13901170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
13911170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
13921170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
13931170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
13941170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
13951170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
13961170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
13971170.668: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
13981170.668: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
13991170.668: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=54
14001170.668: SUPR3HardenedMain: Load Runtime...
14011170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14021170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
14031170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
14041170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
14051170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
14061170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14071170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14081170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14091170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
14101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14121170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000042c pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
14131170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
14141170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
14151170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
14161170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
14171170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14181170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14191170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
14201170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
14211170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
14221170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
14231170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14241170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14251170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14261170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
14271170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
14281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14291170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14301170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
14311170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
14321170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14331170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14341170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
14351170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
14361170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
14371170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
14381170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
14391170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
14401170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
14411170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
14421170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14431170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
14441170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
14451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14461170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14471170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
14481170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14491170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14501170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
14511170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
14521170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14531170.668: supR3HardenedDllNotificationCallback: load 000007fee8c00000 LB 0x00562000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
14541170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14551170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
14561170.668: supR3HardenedDllNotificationCallback: load 00000000729e0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
14571170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
14581170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
14591170.668: supR3HardenedDllNotificationCallback: load 0000000070810000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
14601170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
14611170.668: supR3HardenedDllNotificationCallback: load 000007feff290000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
14621170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
14631170.668: supR3HardenedDllNotificationCallback: load 000007fefd9f0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
14641170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
14651170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14661170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14671170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14681170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14691170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14701170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14711170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14721170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14731170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14741170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14751170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14761170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14771170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14781170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14791170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14801170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14811170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14821170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14831170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14841170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14851170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14861170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14871170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14881170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14891170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14901170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14911170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
14921170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14931170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14941170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14951170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14961170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14971170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14981170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14991170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15001170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15011170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15021170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15031170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15041170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15051170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15061170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15071170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15081170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
15091170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f4810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\AppServ\Apache2.2\bin;C:\AppServ\php5;C:\AppServ\MySQL\bin;C:\Program Files (x86)\SSH Communications Security\SSH Secure Shell;%JAVA_HOME%\bin;C:\Users\fvasquez\atlassian-plugin-sdk\bin [calling]
15101170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15111170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15121170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15131170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8c00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15141170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
15151170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000de5450:C:\Windows\system32 [calling]
15161170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd660000 'C:\Windows\system32\Wintrust.dll'
15171170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
15181170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000de5450:C:\Windows\system32 [calling]
15191170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4d0000 'C:\Windows\system32\crypt32.dll'
15201170.668: SUPR3HardenedMain: Load TrustedMain...
15211170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
15221170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
15231170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
15241170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
15251170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
15261170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
15271170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
15281170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
15291170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
15301170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
15311170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
15321170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
15331170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
15341170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'comdlg32.dll'.
15351170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
15361170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
15371170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
15381170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
15391170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
15401170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
15411170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
15421170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
15431170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
15441170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
15451170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15461170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
15471170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15481170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
15491170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
15501170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
15511170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
15521170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000478 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
15531170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
15541170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
15551170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
15561170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
15571170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15581170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15591170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
15601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15611170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
15621170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
15631170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
15641170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
15651170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
15661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
15681170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000049c pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
15691170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
15701170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
15711170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8A837B0D823EB506C6A4C447C1962174D27ED954
15721170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
15731170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15741170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
15751170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
15761170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
15771170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
15781170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
15791170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll) WinVerifyTrust
15801170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
15811170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15821170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15831170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
15841170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
15851170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
15861170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E93C1851E5754D607F55581B4DE2A30B711C830
15871170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
15881170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15891170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15901170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
15911170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
15921170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
15931170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ole32.dll) WinVerifyTrust
15941170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
15951170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15961170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15971170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000048c pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
15981170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
15991170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
16001170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB4A0D952E568C1E85DCE662F9A066FFB2E6CE84
16011170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
16021170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16031170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16041170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
16051170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
16061170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
16071170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
16081170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
16091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16111170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
16121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16131170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16141170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
16151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16161170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16171170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
16181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
16191170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
16201170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
16211170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
16221170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
16231170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
16241170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
16251170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
16261170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
16271170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
16281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
16291170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
16301170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
16311170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
16321170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
16331170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
16341170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
16351170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
16361170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
16371170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
16381170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
16391170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
16401170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
16411170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
16421170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) WinVerifyTrust
16431170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
16441170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
16451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
16461170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
16471170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
16481170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
16491170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
16501170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
16511170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
16521170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll) WinVerifyTrust
16531170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
16541170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16551170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16561170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
16571170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16581170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16591170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
16601170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16611170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
16621170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
16641170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004bc pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
16651170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
16661170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
16671170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
16681170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
16691170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16701170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16711170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
16721170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
16731170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
16741170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
16751170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
16761170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
16771170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
16781170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16791170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16801170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
16811170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
16821170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d8 pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
16831170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
16841170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
16851170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
16861170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
16871170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16881170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16891170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16901170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
16911170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
16921170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
16931170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
16941170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
16951170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
16961170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
16971170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
16981170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
16991170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
17001170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
17011170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
17021170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
17031170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17041170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17051170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
17061170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
17071170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
17081170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
17091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17131170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
17141170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17161170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17171170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17181170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
17191170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17201170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17211170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
17221170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17231170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17241170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
17251170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17261170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17271170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
17281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17291170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17301170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
17311170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17321170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17331170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17341170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17351170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
17361170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17371170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17381170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
17391170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
17401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
17411170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
17421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
17441170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
17451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17461170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17471170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17481170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17491170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17501170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17511170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
17521170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
17531170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
17541170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d4 pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
17551170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
17561170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
17571170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
17581170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
17591170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17611170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
17621170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
17631170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
17641170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
17651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
17661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
17671170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
17681170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
17691170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
17701170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
17711170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17721170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17731170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
17741170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
17751170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
17761170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
17771170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17781170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17791170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17801170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17811170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
17821170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
17831170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
17841170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
17851170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
17861170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
17871170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
17881170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17891170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17901170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17911170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17921170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
17931170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
17941170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
17951170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17961170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17971170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17981170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17991170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18001170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
18011170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
18021170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18031170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18041170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18051170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18061170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18071170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18081170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18131170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18141170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18161170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
18171170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18191170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18201170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18211170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18221170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18231170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
18241170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18251170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18261170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
18271170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
18281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
18291170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000498 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
18301170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
18311170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
18321170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
18331170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
18341170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18351170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
18361170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18371170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18381170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
18391170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
18401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18411170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18441170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
18461170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
18471170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18481170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18491170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18501170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18511170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18521170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18531170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18541170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18551170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18561170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18571170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
18581170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18591170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18601170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18611170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18621170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18681170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
18691170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
18701170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
18711170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18721170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18731170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
18741170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
18751170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
18761170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
18771170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
18781170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F3F3D4867E9140896E0742D7EE8AE1D01FE85ECE
18791170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
18801170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18811170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18821170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18831170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18841170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
18851170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
18861170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
18871170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
18881170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e8 pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
18891170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
18901170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
18911170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
18921170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
18931170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18941170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
18951170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
18961170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
18971170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
18981170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
18991170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
19001170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
19011170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll) WinVerifyTrust
19021170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
19031170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19041170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19051170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
19061170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
19071170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
19081170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
19091170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
19101170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=779E327CA47BE9830D08A18EEDE8A70C3A978A3B
19111170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
19121170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19131170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19141170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
19151170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
19161170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
19171170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
19181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19191170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19201170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19211170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19221170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19231170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19241170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19251170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19261170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19271170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19281170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
19291170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
19301170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
19311170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
19321170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
19331170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
19341170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
19351170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19361170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19371170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
19381170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\devobj.dll) WinVerifyTrust
19391170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
19401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19411170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19421170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
19431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19441170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19461170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19471170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19481170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19491170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19501170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19511170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
19521170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
19531170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
19541170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
19551170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
19561170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
19571170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
19581170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19591170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
19611170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
19621170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll) WinVerifyTrust
19631170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
19641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19681170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19691170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19701170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19711170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19721170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19731170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19741170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19751170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19761170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
19771170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
19781170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
19791170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19801170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19811170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
19821170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
19831170.668: supR3HardenedDllNotificationCallback: load 000007fee8140000 LB 0x00abe000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
19841170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
19851170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
19861170.668: supR3HardenedDllNotificationCallback: load 000007feecdb0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
19871170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
19881170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
19891170.668: supR3HardenedDllNotificationCallback: load 000007feef3e0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
19901170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
19911170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
19921170.668: supR3HardenedDllNotificationCallback: load 000007feeccb0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
19931170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
19941170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
19951170.668: supR3HardenedDllNotificationCallback: load 000007fef8a90000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
19961170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
19971170.668: supR3HardenedDllNotificationCallback: load 000007fefdbe0000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
19981170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
19991170.668: supR3HardenedDllNotificationCallback: load 000007fefd3f0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
20001170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
20011170.668: supR3HardenedDllNotificationCallback: load 000007fefddc0000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
20021170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
20031170.668: supR3HardenedDllNotificationCallback: load 000007fefdf50000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
20041170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
20051170.668: supR3HardenedDllNotificationCallback: load 000007fefd320000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
20061170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\devobj.dll
20071170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
20081170.668: supR3HardenedDllNotificationCallback: load 000007fefb5f0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
20091170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
20101170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
20111170.668: supR3HardenedDllNotificationCallback: load 00000000674a0000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
20121170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
20131170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
20141170.668: supR3HardenedDllNotificationCallback: load 0000000066b30000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
20151170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
20161170.668: supR3HardenedDllNotificationCallback: load 000007fefdb40000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
20171170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
20181170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
20191170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
20201170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
20211170.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
20221170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
20231170.668: supR3HardenedDllNotificationCallback: load 000007fef3740000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
20241170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
20251170.668: supR3HardenedDllNotificationCallback: load 000007fefe4a0000 LB 0x00d89000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
20261170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
20271170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
20281170.668: supR3HardenedDllNotificationCallback: load 000007fef7090000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
20291170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
20301170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
20311170.668: supR3HardenedDllNotificationCallback: load 000007fef73d0000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
20321170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
20331170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
20341170.668: supR3HardenedDllNotificationCallback: load 0000000066a50000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
20351170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
20361170.668: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
20371170.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
20381170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
20391170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20411170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20441170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
20451170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a300:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20461170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff3c0000 'C:\Windows\system32\imm32.dll'
20471170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8140000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
20481170.668: SUPR3HardenedMain: Calling TrustedMain (000007fee81410d0)...
20491170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
20501170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20511170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7090000 'C:\Windows\system32\winmm.dll'
20521170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000594 pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20531170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
20541170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
20551170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
20561170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
20571170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20581170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20591170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
20601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
20611170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
20621170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20681170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20691170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6c740:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20701170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20711170.668: supR3HardenedDllNotificationCallback: load 000007fefba20000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
20721170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20731170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
20741170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20751170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6c740:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20761170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
20771170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20781170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6d500:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20791170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
20801170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20811170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6d500:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20821170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
20831170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
20841170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20851170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb5f0000 'C:\Windows\system32\dwmapi.dll'
20861170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
20871170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20881170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\CRYPTBASE.dll'
20891170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
20901170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20911170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe4a0000 'C:\Windows\system32\shell32.dll'
20921170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
20931170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20941170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32\kernel32.dll'
20951170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20961170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
20971170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
20981170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
20991170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21001170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
21011170.668: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
21021170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21031170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
21041170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077320000 'C:\Windows\system32\user32.dll'
21051170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
21061170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21071170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
21081170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077320000 'C:\Windows\system32\user32.dll'
21091170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\advapi32.dll'
21101170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
21111170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21121170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\userenv.dll'
21131170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
21141170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21151170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32\kernel32.dll'
21161170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005f4 pwszName=\Device\HarddiskVolume1\Windows\System32\clbcatq.dll
21171170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
21181170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
21191170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
21201170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\clbcatq.dll'
21211170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21221170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21231170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
21241170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
21251170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
21261170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
21271170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
21281170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll) WinVerifyTrust
21291170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
21301170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21311170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21321170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21331170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21341170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
21351170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21361170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21371170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21381170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21391170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21411170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
21421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21441170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
21451170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21461170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
21471170.668: supR3HardenedDllNotificationCallback: load 000007fefdaa0000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
21481170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
21491170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdaa0000 'C:\Windows\system32\CLBCatQ.DLL'
21501170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
21511170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
21521170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a660:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21531170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\Windows\system32\CRYPTSP.dll'
21541170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000614 pwszName=\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
21551170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
21561170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
21571170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
21581170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll'
21591170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
21611170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
21621170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
21631170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21651170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086a660:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21661170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
21671170.668: supR3HardenedDllNotificationCallback: load 000007fefd230000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
21681170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
21691170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd230000 'C:\Windows\system32\RpcRtRemote.dll'
21701170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
21711170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
21721170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
21731170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
21741170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
21751170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
21761170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
21771170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
21781170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
21791170.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
21801170.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
21811170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21821170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21831170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
21841170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21851170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21861170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
21871170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21881170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
21891170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
21901170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
21911170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
21921170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000670 pwszName=\Device\HarddiskVolume1\Windows\System32\version.dll
21931170.74c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
21941170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
21951170.74c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
21961170.74c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\version.dll'
21971170.74c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21981170.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
21991170.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\version.dll) WinVerifyTrust
22001170.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\version.dll
22011170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22021170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22031170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
22041170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22051170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22061170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
22071170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
22081170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000674 pwszName=\Device\HarddiskVolume1\Windows\System32\psapi.dll
22091170.74c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
22101170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
22111170.74c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
22121170.74c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\psapi.dll'
22131170.74c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22141170.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\psapi.dll) WinVerifyTrust
22151170.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\psapi.dll
22161170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
22171170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
22181170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
22191170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22201170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22211170.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
22221170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22231170.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22241170.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3b50:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22251170.74c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
22261170.74c: supR3HardenedDllNotificationCallback: load 000007fee7b60000 LB 0x005d8000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
22271170.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
22281170.74c: supR3HardenedDllNotificationCallback: load 0000000077710000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
22291170.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\psapi.dll
22301170.74c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
22311170.74c: supR3HardenedDllNotificationCallback: load 000007fefc3d0000 LB 0x0000c000 C:\Windows\system32\VERSION.dll [fFlags=0x0]
22321170.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
22331170.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7b60000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
22341170.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
22351170.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6d660:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22361170.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\oleaut32.dll'
22371170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000664 pwszName=\Device\HarddiskVolume1\Windows\System32\sxs.dll
22381170.74c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
22391170.74c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
22401170.74c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
22411170.74c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\sxs.dll'
22421170.74c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22431170.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\sxs.dll) WinVerifyTrust
22441170.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sxs.dll
22451170.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086aae0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22461170.74c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\sxs.dll
22471170.74c: supR3HardenedDllNotificationCallback: load 000007fefd190000 LB 0x00091000 C:\Windows\system32\SXS.DLL [fFlags=0x0]
22481170.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\sxs.dll
22491170.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd190000 'C:\Windows\system32\SXS.DLL'
22501170.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
22511170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
22521170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086adb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22531170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\OLEAUT32.dll'
22541170.668: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
22551170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086adb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22561170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
22571170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd980000 'C:\Windows\system32\gdi32.dll'
22581170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077320000 'C:\Windows\system32\user32.dll'
22591170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
22601170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086ad20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22611170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe4a0000 'C:\Windows\system32\shell32.dll'
22621170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
22631170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
22641170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086ad20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22651170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf50000 'C:\Windows\system32\ole32.dll'
22661170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msctf.dll
22671170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6d7c0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22681170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff740000 'C:\Windows\system32\MSCTF.dll'
22691170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
22701170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e54f30:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22711170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb5f0000 'C:\Windows\system32\dwmapi.dll'
22721170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba20000 'C:\Windows\system32\uxtheme.dll'
22731170.668: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [redir]
22741170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [redoing WinVerifyTrust]
22751170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
22761170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
22771170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
22781170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
22791170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
22801170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22811170.668: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
22821170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000002e54f30:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22831170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3740000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
22841170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
22851170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e54f30:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22861170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\OLEAUT32.DLL'
22871170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
22881170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6d920:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22891170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb5f0000 'C:\Windows\system32\dwmapi.dll'
22901170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
22911170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e54f30:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22921170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf50000 'C:\Windows\system32\ole32.dll'
22931170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\OLEAUT32.dll'
22941170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a90 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
22951170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
22961170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
22971170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
22981170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll'
22991170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23001170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23011170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
23021170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23031170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23041170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
23051170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
23061170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
23071170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
23081170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
23101170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
23111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23131170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23141170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23161170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23171170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
23181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
23191170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a7c pwszName=\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
23201170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
23211170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
23221170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
23231170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll'
23241170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23251170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23261170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
23271170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
23281170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
23291170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
23301170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll) WinVerifyTrust
23311170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
23321170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23331170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23341170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23351170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
23361170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
23371170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23381170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23391170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
23401170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23411170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23421170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23431170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23441170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23451170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23461170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000de3c50:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23471170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
23481170.668: supR3HardenedDllNotificationCallback: load 000007fefa180000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
23491170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
23501170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
23511170.668: supR3HardenedDllNotificationCallback: load 000007fef77f0000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
23521170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
23531170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa180000 'C:\Windows\system32\wbem\wbemprox.dll'
23541170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa8 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
23551170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
23561170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
23571170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
23581170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll'
23591170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23601170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23611170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
23621170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
23631170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
23641170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23651170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23661170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23671170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23681170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000de3c50:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23691170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
23701170.668: supR3HardenedDllNotificationCallback: load 000007fef18b0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
23711170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
23721170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\wbem\wbemsvc.dll'
23731170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab4 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
23741170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
23751170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
23761170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
23771170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll'
23781170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23791170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23801170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
23811170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
23821170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
23831170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
23841170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
23851170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
23861170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
23871170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
23881170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
23891170.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa0 pwszName=\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
23901170.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
23911170.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
23921170.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
23931170.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll'
23941170.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23951170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23961170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
23971170.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
23981170.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll) WinVerifyTrust
23991170.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
24001170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24011170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24021170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24031170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24041170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24051170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24061170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
24071170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
24081170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
24091170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24101170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24111170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24121170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24131170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
24141170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24151170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24161170.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
24171170.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24181170.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24191170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000de3c50:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24201170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
24211170.668: supR3HardenedDllNotificationCallback: load 000007fef1d30000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
24221170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
24231170.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
24241170.668: supR3HardenedDllNotificationCallback: load 000007fef1c80000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
24251170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
24261170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1d30000 'C:\Windows\system32\wbem\fastprox.dll'
24271170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\OLEAUT32.dll'
24281170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24291170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
24301170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24311170.1258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
24321170.1258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24331170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24341170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24351170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
24361170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
24371170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
24381170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24391170.1258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
24401170.1258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
24411170.1258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
24421170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24431170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24441170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24451170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24461170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24471170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
24481170.1258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24491170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24501170.1258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24511170.1258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24521170.1258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24531170.1258: supR3HardenedDllNotificationCallback: load 000007fee6690000 LB 0x0029c000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
24541170.1258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24551170.1258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
24561170.1258: supR3HardenedDllNotificationCallback: load 0000000068420000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
24571170.1258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
24581170.1258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee6690000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
24591170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ndis.sys'.
24601170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ntoskrnl.exe'.
24611170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys)
24621170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys
24631170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys [avoiding WinVerifyTrust]
24641170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
24651170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
24661170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
24671170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys)
24681170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys
24691170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
24701170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
24711170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys)
24721170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys
24731170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
24741170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
24751170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys)
24761170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys
24771170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
24781170.b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys'
24791170.b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys'
24801170.b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys'
24811170.b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys'
24821170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24831170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24841170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24851170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
24861170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
24871170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
24881170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24891170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24901170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24911170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24921170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24931170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
24941170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24951170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24961170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24971170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
24981170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
24991170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'pshed.dll'.
25001170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
25011170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'kdcom.dll'.
25021170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'clfs.sys'.
25031170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ci.dll'.
25041170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe) WinVerifyTrust
25051170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25061170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25071170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25081170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25091170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
25101170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
25111170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25121170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
25131170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
25141170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys) WinVerifyTrust
25151170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\netio.sys
25161170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
25171170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
25181170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25191170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
25201170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
25211170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys) WinVerifyTrust
25221170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
25231170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25241170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25251170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25261170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25271170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25281170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25291170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
25301170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
25311170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
25321170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
25331170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
25341170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\netio.sys
25351170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
25361170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
25371170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25381170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
25391170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
25401170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\hal.dll) WinVerifyTrust
25411170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\hal.dll
25421170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25431170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25441170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25451170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
25461170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
25471170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25481170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys) WinVerifyTrust
25491170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys
25501170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
25511170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
25521170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
25531170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25541170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25551170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25561170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
25571170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume1\Windows\System32\ci.dll' [rcNtRedir=0xc0150008]
25581170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25591170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ci.dll) WinVerifyTrust
25601170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ci.dll
25611170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'clfs.sys'...
25621170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'clfs.sys' -> '\Device\HarddiskVolume1\Windows\System32\clfs.sys' [rcNtRedir=0xc0150008]
25631170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25641170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clfs.sys) WinVerifyTrust
25651170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clfs.sys
25661170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
25671170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume1\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
25681170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25691170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
25701170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\kdcom.dll) WinVerifyTrust
25711170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kdcom.dll
25721170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
25731170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
25741170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
25751170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
25761170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume1\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
25771170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
25781170.b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
25791170.b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\PSHED.DLL) WinVerifyTrust
25801170.b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\PSHED.DLL
25811170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
25821170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
25831170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
25841170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25851170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25861170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25871170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
25881170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
25891170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
25901170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25911170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25921170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25931170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25941170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25951170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
25961170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25971170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
25981170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
25991170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
26001170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
26011170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume1\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
26021170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\PSHED.DLL
26031170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
26041170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume1\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
26051170.b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kdcom.dll
26061170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
26071170.b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
26081170.b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26091170.b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
26101170.b0: supR3HardenedDllNotificationCallback: load 000007feefec0000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
26111170.b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
26121170.b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefec0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
26131170.8c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26141170.8c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26151170.8c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26161170.8c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
26171170.8c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26181170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26191170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26201170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26211170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
26221170.8c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
26231170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26241170.8c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26251170.8c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26261170.8c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26271170.8c8: supR3HardenedDllNotificationCallback: load 000007fef3570000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
26281170.8c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26291170.8c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3570000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
26301170.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26311170.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26321170.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26331170.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
26341170.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26351170.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26361170.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26371170.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26381170.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
26391170.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
26401170.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26411170.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26421170.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26431170.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26441170.234: supR3HardenedDllNotificationCallback: load 000007feefbd0000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
26451170.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26461170.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefbd0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
26471170.5e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26481170.5e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26491170.5e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26501170.5e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
26511170.5e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26521170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26531170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26541170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26551170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
26561170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26571170.5e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26581170.5e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26591170.5e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26601170.5e0: supR3HardenedDllNotificationCallback: load 000007feefeb0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
26611170.5e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26621170.5e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefeb0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
26631170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
26641170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26651170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
26661170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe4a0000 'C:\Windows\system32/Shell32.dll'
26671170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf50000 'C:\Windows\system32\ole32.dll'
26681170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26691170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
26701170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
26711170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26721170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2e0000 'C:\Windows\system32\profapi.dll'
26731170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26741170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26751170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26761170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
26771170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
26781170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
26791170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
26801170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
26811170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
26821170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
26831170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
26841170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
26851170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
26861170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
26871170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ce0 pwszName=\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
26881170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
26891170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
26901170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
26911170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL'
26921170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26931170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26941170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
26951170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
26961170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
26971170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
26981170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
26991170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27001170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
27011170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
27021170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
27031170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
27041170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
27051170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
27061170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
27071170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27081170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27091170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
27101170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
27111170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27121170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27131170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27141170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
27151170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
27161170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
27171170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
27181170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27191170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27201170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
27211170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
27221170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
27231170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
27241170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
27251170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
27261170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27271170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27281170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27291170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27301170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27311170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27321170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27331170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27341170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27351170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
27361170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume1\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
27371170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d00 pwszName=\Device\HarddiskVolume1\Windows\System32\newdev.dll
27381170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
27391170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
27401170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
27411170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume1\Windows\System32\newdev.dll'
27421170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27431170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27441170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
27451170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
27461170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
27471170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
27481170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
27491170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
27501170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\newdev.dll) WinVerifyTrust
27511170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\newdev.dll
27521170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
27531170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
27541170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
27551170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27561170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27571170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27581170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27591170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27601170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27611170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27621170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27631170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27641170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27651170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27661170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27671170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27681170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
27691170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27701170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27711170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
27721170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
27731170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cec pwszName=\Device\HarddiskVolume1\Windows\System32\winnsi.dll
27741170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
27751170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
27761170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
27771170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winnsi.dll'
27781170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27791170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27801170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
27811170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
27821170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winnsi.dll) WinVerifyTrust
27831170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winnsi.dll
27841170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
27851170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
27861170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
27871170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27881170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27891170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
27901170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
27911170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
27921170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27931170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27941170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27951170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27961170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
27971170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
27981170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
27991170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
28001170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
28011170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
28021170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
28031170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume1\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
28041170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
28051170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
28061170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28071170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28081170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28091170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
28101170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28111170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28121170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28131170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
28141170.bf8: supR3HardenedDllNotificationCallback: load 000007fee5da0000 LB 0x008e5000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
28151170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
28161170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28171170.bf8: supR3HardenedDllNotificationCallback: load 000007feef370000 LB 0x00061000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
28181170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28191170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\newdev.dll
28201170.bf8: supR3HardenedDllNotificationCallback: load 000007feef2c0000 LB 0x00051000 C:\Windows\system32\newdev.dll [fFlags=0x0]
28211170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\newdev.dll
28221170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28231170.bf8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\devrtl.dll)
28241170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devrtl.dll
28251170.bf8: supR3HardenedDllNotificationCallback: load 000007fefc5b0000 LB 0x00012000 C:\Windows\system32\devrtl.DLL [fFlags=0x0]
28261170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
28271170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28281170.bf8: supR3HardenedDllNotificationCallback: load 000007feef230000 LB 0x00035000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
28291170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28301170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
28311170.bf8: supR3HardenedDllNotificationCallback: load 000007fefa640000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
28321170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
28331170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
28341170.bf8: supR3HardenedDllNotificationCallback: load 000007fefa620000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
28351170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
28361170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5da0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
28371170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d0c pwszName=\Device\HarddiskVolume1\Windows\System32\devrtl.dll
28381170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
28391170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
28401170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
28411170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
28421170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28431170.bf8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
28441170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
28451170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28461170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28471170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28481170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
28491170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7b60000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
28501170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28511170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28521170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28531170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef230000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
28541170.e44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28551170.e44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
28561170.e44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28571170.e44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
28581170.e44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
28591170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28601170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28611170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
28621170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
28631170.e44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28641170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28651170.e44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28661170.e44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28671170.e44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
28681170.e44: supR3HardenedDllNotificationCallback: load 000007feef850000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
28691170.e44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
28701170.e44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef850000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
28711170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
28721170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e554d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28731170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
28741170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa640000 'C:\Windows\system32/Iphlpapi.dll'
28751170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dd8 pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
28761170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
28771170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
28781170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A719769A21133C3F89F7BEA09AB706365F35DF8F
28791170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll'
28801170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28811170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28821170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
28831170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
28841170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll) WinVerifyTrust
28851170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
28861170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
28871170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
28881170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
28891170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28901170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28911170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28921170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28931170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55050:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28941170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
28951170.bf8: supR3HardenedDllNotificationCallback: load 000007fefa4b0000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
28961170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
28971170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa4b0000 'C:\Windows\system32\dhcpcsvc6.DLL'
28981170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
28991170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55050:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29001170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa640000 'C:\Windows\system32\IPHLPAPI.DLL'
29011170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dfc pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
29021170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
29031170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
29041170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
29051170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll'
29061170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29071170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29081170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
29091170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
29101170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
29111170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll) WinVerifyTrust
29121170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
29131170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
29141170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
29151170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
29161170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29171170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29181170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29191170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29201170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29211170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29221170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55200:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29231170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
29241170.bf8: supR3HardenedDllNotificationCallback: load 000007fefa490000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
29251170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
29261170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa490000 'C:\Windows\system32\dhcpcsvc.DLL'
29271170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
29281170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55200:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29291170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa640000 'C:\Windows\system32\IPHLPAPI.DLL'
29301170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e54 pwszName=\Device\HarddiskVolume1\Windows\System32\dsound.dll
29311170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
29321170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
29331170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
29341170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\dsound.dll'
29351170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29361170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29371170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
29381170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
29391170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
29401170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
29411170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
29421170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dsound.dll) WinVerifyTrust
29431170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dsound.dll
29441170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
29451170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume1\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
29461170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e58 pwszName=\Device\HarddiskVolume1\Windows\System32\powrprof.dll
29471170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
29481170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
29491170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
29501170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\powrprof.dll'
29511170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29521170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29531170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
29541170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
29551170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\powrprof.dll) WinVerifyTrust
29561170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\powrprof.dll
29571170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
29581170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
29591170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
29601170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29611170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29621170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29631170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
29641170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29651170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29661170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29671170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29681170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
29691170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
29701170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
29711170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29721170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29731170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29741170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29751170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55200:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29761170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
29771170.bf8: supR3HardenedDllNotificationCallback: load 000007fee76e0000 LB 0x00088000 C:\Windows\system32\dsound.dll [fFlags=0x0]
29781170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
29791170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
29801170.bf8: supR3HardenedDllNotificationCallback: load 000007fefb000000 LB 0x0002c000 C:\Windows\system32\POWRPROF.dll [fFlags=0x0]
29811170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
29821170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
29831170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55b00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29841170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee76e0000 'C:\Windows\system32\dsound.dll'
29851170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee76e0000 'C:\Windows\system32/dsound.dll'
29861170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e7c pwszName=\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
29871170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
29881170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
29891170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
29901170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll'
29911170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29921170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29931170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
29941170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
29951170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
29961170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll) WinVerifyTrust
29971170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
29981170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
29991170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume1\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
30001170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e60 pwszName=\Device\HarddiskVolume1\Windows\System32\propsys.dll
30011170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
30021170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
30031170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
30041170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\propsys.dll'
30051170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30061170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30071170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
30081170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
30091170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
30101170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
30111170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\propsys.dll) WinVerifyTrust
30121170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\propsys.dll
30131170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30141170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30151170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30161170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30171170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30181170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30191170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30201170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30211170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30221170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30231170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
30241170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
30251170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
30261170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
30271170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30281170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30291170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6e2c0:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30301170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
30311170.bf8: supR3HardenedDllNotificationCallback: load 000007fefb610000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
30321170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
30331170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
30341170.bf8: supR3HardenedDllNotificationCallback: load 000007fefba80000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
30351170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
30361170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2e0000 'C:\Windows\system32\ADVAPI32.dll'
30371170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb610000 'C:\Windows\System32\MMDevApi.dll'
30381170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
30391170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30401170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf50000 'C:\Windows\system32\ole32.dll'
30411170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
30421170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30431170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbe0000 'C:\Windows\system32\SETUPAPI.dll'
30441170.bc8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
30451170.bc8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30461170.bc8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3f0000 'C:\Windows\system32\CFGMGR32.dll'
30471170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
30481170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30491170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7090000 'C:\Windows\system32\winmm.dll'
30501170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30511170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-Management-L1-1-0.dll'
30521170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30531170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd960000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
30541170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd830000 'C:\Windows\system32\RPCRT4.dll'
30551170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
30561170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30571170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb610000 'C:\Windows\system32\MMDevAPI.DLL'
30581170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ea0 pwszName=\Device\HarddiskVolume1\Windows\System32\wdmaud.drv
30591170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
30601170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
30611170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
30621170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wdmaud.drv'
30631170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30641170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30651170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
30661170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
30671170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
30681170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
30691170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
30701170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
30711170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
30721170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wdmaud.drv) WinVerifyTrust
30731170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
30741170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
30751170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
30761170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000eb4 pwszName=\Device\HarddiskVolume1\Windows\System32\avrt.dll
30771170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
30781170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
30791170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
30801170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\avrt.dll'
30811170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30821170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\avrt.dll) WinVerifyTrust
30831170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\avrt.dll
30841170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
30851170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
30861170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
30871170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
30881170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume1\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
30891170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ed0 pwszName=\Device\HarddiskVolume1\Windows\System32\ksuser.dll
30901170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000888f70
30911170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000888f70
30921170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D99CFB3BFCA1F454FC7109DB98D18923ABBA361
30931170.bf8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB3110329~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ksuser.dll'
30941170.bf8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30951170.bf8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30961170.bf8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ksuser.dll) WinVerifyTrust
30971170.bf8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ksuser.dll
30981170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
30991170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
31001170.bf8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
31011170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31021170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
31031170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
31041170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
31051170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
31061170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
31071170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31081170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31091170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31101170.bf8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31111170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31121170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
31131170.bf8: supR3HardenedDllNotificationCallback: load 000007fef2d20000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
31141170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
31151170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
31161170.bf8: supR3HardenedDllNotificationCallback: load 00000000737f0000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
31171170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
31181170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
31191170.bf8: supR3HardenedDllNotificationCallback: load 000007fefac40000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
31201170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
31211170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2d20000 'C:\Windows\system32\wdmaud.drv'
31221170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
31231170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31241170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2d20000 'C:\Windows\system32\wdmaud.drv'
31251170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
31261170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31271170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7090000 'C:\Windows\system32\winmm.dll'
31281170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
31291170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000d6e2c0:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31301170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee76e0000 'C:\Windows\System32\dsound.dll'
31311170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7090000 'C:\Windows\system32\winmm.dll'
31321170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7090000 'C:\Windows\system32\winmm.dll'
31331170.bf8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31341170.bf8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31351170.bf8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31361170.bf8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077420000 'C:\Windows\system32/kernel32.dll'
31371170.1258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddc0000 'C:\Windows\system32\OLEAUT32.dll'
31381170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msctf.dll
31391170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31401170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff740000 'C:\Windows\system32\msctf.dll'
31411170.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msctf.dll
31421170.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002e55a70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31431170.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff740000 'C:\Windows\system32\msctf.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy