VirtualBox

Ticket #15398: VBoxHardening.log

File VBoxHardening.log, 436.9 KB (added by VitusSumy, 8 years ago)
Line 
180c.fc0: Log file opened: 5.0.20r106931 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
280c.fc0: \SystemRoot\System32\ntdll.dll:
380c.fc0: CreationTime: 2010-11-21T03:23:51.351694200Z
480c.fc0: LastWriteTime: 2010-11-21T03:23:51.367294200Z
580c.fc0: ChangeTime: 2012-11-14T06:01:59.505274200Z
680c.fc0: FileAttributes: 0x20
780c.fc0: Size: 0x1a6d60
880c.fc0: NT Headers: 0xe0
980c.fc0: Timestamp: 0x4ce7c8f9
1080c.fc0: Machine: 0x8664 - amd64
1180c.fc0: Timestamp: 0x4ce7c8f9
1280c.fc0: Image Version: 6.1
1380c.fc0: SizeOfImage: 0x1a9000 (1740800)
1480c.fc0: Resource Dir: 0x151000 LB 0x560d8
1580c.fc0: ProductName: Microsoft® Windows® Operating System
1680c.fc0: ProductVersion: 6.1.7601.17514
1780c.fc0: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
1880c.fc0: FileDescription: NT Layer DLL
1980c.fc0: \SystemRoot\System32\kernel32.dll:
2080c.fc0: CreationTime: 2010-11-21T03:24:07.965723400Z
2180c.fc0: LastWriteTime: 2010-11-21T03:24:07.981323400Z
2280c.fc0: ChangeTime: 2012-11-14T06:01:31.534425100Z
2380c.fc0: FileAttributes: 0x20
2480c.fc0: Size: 0x11b800
2580c.fc0: NT Headers: 0xe8
2680c.fc0: Timestamp: 0x4ce7c78b
2780c.fc0: Machine: 0x8664 - amd64
2880c.fc0: Timestamp: 0x4ce7c78b
2980c.fc0: Image Version: 6.1
3080c.fc0: SizeOfImage: 0x11f000 (1175552)
3180c.fc0: Resource Dir: 0x116000 LB 0x528
3280c.fc0: ProductName: Microsoft® Windows® Operating System
3380c.fc0: ProductVersion: 6.1.7601.17514
3480c.fc0: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
3580c.fc0: FileDescription: Windows NT BASE API Client DLL
3680c.fc0: \SystemRoot\System32\KernelBase.dll:
3780c.fc0: CreationTime: 2010-11-21T03:24:26.217755400Z
3880c.fc0: LastWriteTime: 2010-11-21T03:24:26.248955500Z
3980c.fc0: ChangeTime: 2012-11-14T06:01:31.565625200Z
4080c.fc0: FileAttributes: 0x20
4180c.fc0: Size: 0x66800
4280c.fc0: NT Headers: 0xf0
4380c.fc0: Timestamp: 0x4ce7c78c
4480c.fc0: Machine: 0x8664 - amd64
4580c.fc0: Timestamp: 0x4ce7c78c
4680c.fc0: Image Version: 6.1
4780c.fc0: SizeOfImage: 0x6b000 (438272)
4880c.fc0: Resource Dir: 0x69000 LB 0x530
4980c.fc0: ProductName: Microsoft® Windows® Operating System
5080c.fc0: ProductVersion: 6.1.7601.17514
5180c.fc0: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
5280c.fc0: FileDescription: Windows NT BASE API Client DLL
5380c.fc0: \SystemRoot\System32\apisetschema.dll:
5480c.fc0: CreationTime: 2009-07-13T23:18:54.866423200Z
5580c.fc0: LastWriteTime: 2009-07-14T01:24:53.779000000Z
5680c.fc0: ChangeTime: 2012-11-14T06:01:11.160789300Z
5780c.fc0: FileAttributes: 0x20
5880c.fc0: Size: 0x1a00
5980c.fc0: NT Headers: 0xc0
6080c.fc0: Timestamp: 0x4a5bdeab
6180c.fc0: Machine: 0x8664 - amd64
6280c.fc0: Timestamp: 0x4a5bdeab
6380c.fc0: Image Version: 6.1
6480c.fc0: SizeOfImage: 0x50000 (327680)
6580c.fc0: Resource Dir: 0x30000 LB 0x3f0
6680c.fc0: ProductName: Microsoft® Windows® Operating System
6780c.fc0: ProductVersion: 6.1.7600.16385
6880c.fc0: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
6980c.fc0: FileDescription: ApiSet Schema DLL
7080c.fc0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7180c.fc0: supR3HardenedWinFindAdversaries: 0x40
7280c.fc0: \SystemRoot\System32\drivers\kl1.sys:
7380c.fc0: CreationTime: 2009-11-11T11:30:52.000000000Z
7480c.fc0: LastWriteTime: 2009-11-11T11:30:52.000000000Z
7580c.fc0: ChangeTime: 2016-01-09T17:10:25.305880900Z
7680c.fc0: FileAttributes: 0x2020
7780c.fc0: Size: 0x26810
7880c.fc0: NT Headers: 0xd8
7980c.fc0: Timestamp: 0x4afaa047
8080c.fc0: Machine: 0x8664 - amd64
8180c.fc0: Timestamp: 0x4afaa047
8280c.fc0: Image Version: 0.0
8380c.fc0: SizeOfImage: 0x529000 (5410816)
8480c.fc0: Resource Dir: 0x527000 LB 0x408
8580c.fc0: ProductName: Kaspersky Anti-Virus
8680c.fc0: ProductVersion: 1.0.0.0
8780c.fc0: FileVersion: 6.5.0.4
8880c.fc0: FileDescription: Kaspersky Unified Driver
8980c.fc0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
9080c.fc0: Calling main()
9180c.fc0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
9280c.fc0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
9380c.fc0: SUPR3HardenedMain: Respawn #1
9480c.fc0: System32: \Device\HarddiskVolume2\Windows\System32
9580c.fc0: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
9680c.fc0: KnownDllPath: D:\Windows\system32
9780c.fc0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
9880c.fc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
9980c.fc0: supR3HardNtEnableThreadCreation:
10080c.fc0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778cc320 pvNtTerminateThread=00000000778f1840
10180c.fc0: supR3HardenedWinDoReSpawn(1): New child d70.d3c [kernel32].
10280c.fc0: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380
10380c.fc0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000778a0000 uNtDllChildAddr=00000000778a0000
10480c.fc0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000778cc320
10580c.fc0: supR3HardenedWinSetupChildInit: Start child.
10680c.fc0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
10780c.fc0: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
10880c.fc0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
10980c.fc0: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
11080c.fc0: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
11180c.fc0: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
11280c.fc0: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
11380c.fc0: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
11480c.fc0: 0000000000041000-fffffffffffe1fff 0x0001/0x0000 0x0000000
11580c.fc0: *00000000000a0000-fffffffffffa3fff 0x0000/0x0004 0x0020000
11680c.fc0: 000000000019c000-0000000000199fff 0x0104/0x0004 0x0020000
11780c.fc0: 000000000019e000-000000000019bfff 0x0004/0x0004 0x0020000
11880c.fc0: 00000000001a0000-ffffffff88a9ffff 0x0001/0x0000 0x0000000
11980c.fc0: *00000000778a0000-00000000778a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12080c.fc0: 00000000778a1000-00000000779a2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12180c.fc0: 00000000779a3000-00000000779d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12280c.fc0: 00000000779d2000-00000000779ddfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12380c.fc0: 00000000779de000-0000000077a48fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12480c.fc0: 0000000077a49000-00000000704b1fff 0x0001/0x0000 0x0000000
12580c.fc0: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
12680c.fc0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
12780c.fc0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
12880c.fc0: 000000007fff0000-ffffffffc0b5ffff 0x0001/0x0000 0x0000000
12980c.fc0: *000000013f480000-000000013f480fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13080c.fc0: 000000013f481000-000000013f4f0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13180c.fc0: 000000013f4f1000-000000013f4f1fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13280c.fc0: 000000013f4f2000-000000013f536fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13380c.fc0: 000000013f537000-000000013f537fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13480c.fc0: 000000013f538000-000000013f538fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13580c.fc0: 000000013f539000-000000013f53dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13680c.fc0: 000000013f53e000-000000013f53efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13780c.fc0: 000000013f53f000-000000013f53ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13880c.fc0: 000000013f540000-000000013f543fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13980c.fc0: 000000013f544000-000000013f58bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
14080c.fc0: 000000013f58c000-fffff8037ef57fff 0x0001/0x0000 0x0000000
14180c.fc0: *000007feffbc0000-000007feffbc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
14280c.fc0: 000007feffbc1000-000007fdff7d1fff 0x0001/0x0000 0x0000000
14380c.fc0: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
14480c.fc0: *000007fffffd3000-000007fffffd1fff 0x0004/0x0004 0x0020000
14580c.fc0: 000007fffffd4000-000007fffffc9fff 0x0001/0x0000 0x0000000
14680c.fc0: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
14780c.fc0: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
14880c.fc0: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
14980c.fc0: VirtualBox.exe: timestamp 0x57220aaf (rc=VINF_SUCCESS)
15080c.fc0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15180c.fc0: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
15280c.fc0: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
15380c.fc0: supR3HardNtChildPurify: Done after 540 ms and 0 fixes (loop #0).
15480c.fc0: supR3HardNtEnableThreadCreation:
155d70.d3c: Log file opened: 5.0.20r106931 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
156d70.d3c: supR3HardenedVmProcessInit: uNtDllAddr=00000000778a0000 g_uNtVerCombined=0x611db100
157d70.d3c: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
158d70.d3c: New simple heap: #1 00000000002a0000 LB 0x400000 (for 1740800 allocation)
159d70.d3c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
160d70.d3c: System32: \Device\HarddiskVolume2\Windows\System32
161d70.d3c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
162d70.d3c: KnownDllPath: D:\Windows\system32
163d70.d3c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
164d70.d3c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
165d70.d3c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
166d70.d3c: Registered Dll notification callback with NTDLL.
167d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
168d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
169d70.d3c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
170d70.d3c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
171d70.d3c: supR3HardenedDllNotificationCallback: load 0000000077780000 LB 0x0011f000 D:\Windows\system32\kernel32.dll [fFlags=0x0]
172d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
173d70.d3c: supR3HardenedDllNotificationCallback: load 000007fefdaf0000 LB 0x0006b000 D:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
174d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
175d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
176d70.d3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32\kernel32.dll'
177d70.d3c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778cc320 pvNtTerminateThread=00000000778f1840
17880c.fc0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 20 ms.
179d70.d3c: \SystemRoot\System32\ntdll.dll:
180d70.d3c: CreationTime: 2010-11-21T03:23:51.351694200Z
181d70.d3c: LastWriteTime: 2010-11-21T03:23:51.367294200Z
182d70.d3c: ChangeTime: 2012-11-14T06:01:59.505274200Z
183d70.d3c: FileAttributes: 0x20
184d70.d3c: Size: 0x1a6d60
185d70.d3c: NT Headers: 0xe0
186d70.d3c: Timestamp: 0x4ce7c8f9
187d70.d3c: Machine: 0x8664 - amd64
188d70.d3c: Timestamp: 0x4ce7c8f9
189d70.d3c: Image Version: 6.1
190d70.d3c: SizeOfImage: 0x1a9000 (1740800)
191d70.d3c: Resource Dir: 0x151000 LB 0x560d8
192d70.d3c: ProductName: Microsoft® Windows® Operating System
193d70.d3c: ProductVersion: 6.1.7601.17514
194d70.d3c: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
195d70.d3c: FileDescription: NT Layer DLL
196d70.d3c: \SystemRoot\System32\kernel32.dll:
197d70.d3c: CreationTime: 2010-11-21T03:24:07.965723400Z
198d70.d3c: LastWriteTime: 2010-11-21T03:24:07.981323400Z
199d70.d3c: ChangeTime: 2012-11-14T06:01:31.534425100Z
200d70.d3c: FileAttributes: 0x20
201d70.d3c: Size: 0x11b800
202d70.d3c: NT Headers: 0xe8
203d70.d3c: Timestamp: 0x4ce7c78b
204d70.d3c: Machine: 0x8664 - amd64
205d70.d3c: Timestamp: 0x4ce7c78b
206d70.d3c: Image Version: 6.1
207d70.d3c: SizeOfImage: 0x11f000 (1175552)
208d70.d3c: Resource Dir: 0x116000 LB 0x528
209d70.d3c: ProductName: Microsoft® Windows® Operating System
210d70.d3c: ProductVersion: 6.1.7601.17514
211d70.d3c: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
212d70.d3c: FileDescription: Windows NT BASE API Client DLL
213d70.d3c: \SystemRoot\System32\KernelBase.dll:
214d70.d3c: CreationTime: 2010-11-21T03:24:26.217755400Z
215d70.d3c: LastWriteTime: 2010-11-21T03:24:26.248955500Z
216d70.d3c: ChangeTime: 2012-11-14T06:01:31.565625200Z
217d70.d3c: FileAttributes: 0x20
218d70.d3c: Size: 0x66800
219d70.d3c: NT Headers: 0xf0
220d70.d3c: Timestamp: 0x4ce7c78c
221d70.d3c: Machine: 0x8664 - amd64
222d70.d3c: Timestamp: 0x4ce7c78c
223d70.d3c: Image Version: 6.1
224d70.d3c: SizeOfImage: 0x6b000 (438272)
225d70.d3c: Resource Dir: 0x69000 LB 0x530
226d70.d3c: ProductName: Microsoft® Windows® Operating System
227d70.d3c: ProductVersion: 6.1.7601.17514
228d70.d3c: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
229d70.d3c: FileDescription: Windows NT BASE API Client DLL
230d70.d3c: \SystemRoot\System32\apisetschema.dll:
231d70.d3c: CreationTime: 2009-07-13T23:18:54.866423200Z
232d70.d3c: LastWriteTime: 2009-07-14T01:24:53.779000000Z
233d70.d3c: ChangeTime: 2012-11-14T06:01:11.160789300Z
234d70.d3c: FileAttributes: 0x20
235d70.d3c: Size: 0x1a00
236d70.d3c: NT Headers: 0xc0
237d70.d3c: Timestamp: 0x4a5bdeab
238d70.d3c: Machine: 0x8664 - amd64
239d70.d3c: Timestamp: 0x4a5bdeab
240d70.d3c: Image Version: 6.1
241d70.d3c: SizeOfImage: 0x50000 (327680)
242d70.d3c: Resource Dir: 0x30000 LB 0x3f0
243d70.d3c: ProductName: Microsoft® Windows® Operating System
244d70.d3c: ProductVersion: 6.1.7600.16385
245d70.d3c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
246d70.d3c: FileDescription: ApiSet Schema DLL
247d70.d3c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
248d70.d3c: supR3HardenedWinFindAdversaries: 0x40
249d70.d3c: \SystemRoot\System32\drivers\kl1.sys:
250d70.d3c: CreationTime: 2009-11-11T11:30:52.000000000Z
251d70.d3c: LastWriteTime: 2009-11-11T11:30:52.000000000Z
252d70.d3c: ChangeTime: 2016-01-09T17:10:25.305880900Z
253d70.d3c: FileAttributes: 0x2020
254d70.d3c: Size: 0x26810
255d70.d3c: NT Headers: 0xd8
256d70.d3c: Timestamp: 0x4afaa047
257d70.d3c: Machine: 0x8664 - amd64
258d70.d3c: Timestamp: 0x4afaa047
259d70.d3c: Image Version: 0.0
260d70.d3c: SizeOfImage: 0x529000 (5410816)
261d70.d3c: Resource Dir: 0x527000 LB 0x408
262d70.d3c: ProductName: Kaspersky Anti-Virus
263d70.d3c: ProductVersion: 1.0.0.0
264d70.d3c: FileVersion: 6.5.0.4
265d70.d3c: FileDescription: Kaspersky Unified Driver
266d70.d3c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
267d70.d3c: Calling main()
268d70.d3c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
269d70.d3c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
270d70.d3c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
271d70.d3c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
272d70.d3c: SUPR3HardenedMain: Respawn #2
273d70.d3c: supR3HardNtEnableThreadCreation:
274d70.d3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
275d70.d3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
276d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
277d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
278d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
279d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
280d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
281d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
282d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
283d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
284d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
285d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
286d70.d3c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
287d70.d3c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
288d70.d3c: supR3HardenedDllNotificationCallback: load 000007fefec90000 LB 0x000db000 D:\Windows\system32\ADVAPI32.DLL [fFlags=0x0]
289d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
290d70.d3c: supR3HardenedDllNotificationCallback: load 000007feff430000 LB 0x0009f000 D:\Windows\system32\msvcrt.dll [fFlags=0x0]
291d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
292d70.d3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
293d70.d3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
294d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
295d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
296d70.d3c: supR3HardenedDllNotificationCallback: load 000007feff0d0000 LB 0x0001f000 D:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
297d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
298d70.d3c: supR3HardenedDllNotificationCallback: load 000007feff540000 LB 0x0012d000 D:\Windows\system32\RPCRT4.dll [fFlags=0x0]
299d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
300d70.d3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.DLL'
301d70.d3c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
302d70.d3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
303d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
304d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
305d70.d3c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
306d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
307d70.d3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
308d70.d3c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
309d70.d3c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
310d70.d3c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
311d70.d3c: supR3HardenedDllNotificationCallback: load 000007fefd6c0000 LB 0x00057000 D:\Windows\system32\apphelp.dll [fFlags=0x0]
312d70.d3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
313d70.d3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'D:\Windows\system32\apphelp.dll'
314d70.d3c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778cc320 pvNtTerminateThread=00000000778f1840
315d70.d3c: supR3HardenedWinDoReSpawn(2): New child d1c.900 [kernel32].
316d70.d3c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
317d70.d3c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000778a0000 uNtDllChildAddr=00000000778a0000
318d70.d3c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000778cc320
319d70.d3c: supR3HardenedWinSetupChildInit: Start child.
320d70.d3c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
321d70.d3c: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
322d70.d3c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
323d70.d3c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
324d70.d3c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
325d70.d3c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
326d70.d3c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
327d70.d3c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
328d70.d3c: 0000000000041000-fffffffffff81fff 0x0001/0x0000 0x0000000
329d70.d3c: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000
330d70.d3c: 00000000001fc000-00000000001f9fff 0x0104/0x0004 0x0020000
331d70.d3c: 00000000001fe000-00000000001fbfff 0x0004/0x0004 0x0020000
332d70.d3c: 0000000000200000-ffffffff88b5ffff 0x0001/0x0000 0x0000000
333d70.d3c: *00000000778a0000-00000000778a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
334d70.d3c: 00000000778a1000-00000000779a2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
335d70.d3c: 00000000779a3000-00000000779d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
336d70.d3c: 00000000779d2000-00000000779ddfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
337d70.d3c: 00000000779de000-0000000077a48fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
338d70.d3c: 0000000077a49000-00000000704b1fff 0x0001/0x0000 0x0000000
339d70.d3c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
340d70.d3c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
341d70.d3c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
342d70.d3c: 000000007fff0000-ffffffffc0b5ffff 0x0001/0x0000 0x0000000
343d70.d3c: *000000013f480000-000000013f480fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
344d70.d3c: 000000013f481000-000000013f4f0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
345d70.d3c: 000000013f4f1000-000000013f4f1fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
346d70.d3c: 000000013f4f2000-000000013f536fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
347d70.d3c: 000000013f537000-000000013f537fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
348d70.d3c: 000000013f538000-000000013f538fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
349d70.d3c: 000000013f539000-000000013f53dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
350d70.d3c: 000000013f53e000-000000013f53efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
351d70.d3c: 000000013f53f000-000000013f53ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
352d70.d3c: 000000013f540000-000000013f543fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
353d70.d3c: 000000013f544000-000000013f58bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
354d70.d3c: 000000013f58c000-fffff8037ef57fff 0x0001/0x0000 0x0000000
355d70.d3c: *000007feffbc0000-000007feffbc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
356d70.d3c: 000007feffbc1000-000007fdff7d1fff 0x0001/0x0000 0x0000000
357d70.d3c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
358d70.d3c: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
359d70.d3c: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
360d70.d3c: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
361d70.d3c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
362d70.d3c: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
363d70.d3c: VirtualBox.exe: timestamp 0x57220aaf (rc=VINF_SUCCESS)
364d70.d3c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
365d70.d3c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
366d70.d3c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
367d70.d3c: supR3HardNtChildPurify: Done after 550 ms and 0 fixes (loop #0).
368d1c.900: Log file opened: 5.0.20r106931 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
369d70.d3c: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002a0000 LB 0x400000)
370d1c.900: supR3HardenedVmProcessInit: uNtDllAddr=00000000778a0000 g_uNtVerCombined=0x611db100
371d70.d3c: supR3HardNtEnableThreadCreation:
372d1c.900: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
373d1c.900: New simple heap: #1 0000000000300000 LB 0x400000 (for 1740800 allocation)
374d1c.900: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
375d1c.900: System32: \Device\HarddiskVolume2\Windows\System32
376d1c.900: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
377d1c.900: KnownDllPath: D:\Windows\system32
378d1c.900: supR3HardenedVmProcessInit: Opening vboxdrv...
379d1c.900: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
380d1c.900: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
381d1c.900: Registered Dll notification callback with NTDLL.
382d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
383d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
384d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
385d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
386d1c.900: supR3HardenedDllNotificationCallback: load 0000000077780000 LB 0x0011f000 D:\Windows\system32\kernel32.dll [fFlags=0x0]
387d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
388d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdaf0000 LB 0x0006b000 D:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
389d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
390d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
391d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32\kernel32.dll'
392d1c.900: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778cc320 pvNtTerminateThread=00000000778f1840
393d70.d3c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 30 ms.
394d1c.900: \SystemRoot\System32\ntdll.dll:
395d1c.900: CreationTime: 2010-11-21T03:23:51.351694200Z
396d1c.900: LastWriteTime: 2010-11-21T03:23:51.367294200Z
397d1c.900: ChangeTime: 2012-11-14T06:01:59.505274200Z
398d1c.900: FileAttributes: 0x20
399d1c.900: Size: 0x1a6d60
400d1c.900: NT Headers: 0xe0
401d1c.900: Timestamp: 0x4ce7c8f9
402d1c.900: Machine: 0x8664 - amd64
403d1c.900: Timestamp: 0x4ce7c8f9
404d1c.900: Image Version: 6.1
405d1c.900: SizeOfImage: 0x1a9000 (1740800)
406d1c.900: Resource Dir: 0x151000 LB 0x560d8
407d1c.900: ProductName: Microsoft® Windows® Operating System
408d1c.900: ProductVersion: 6.1.7601.17514
409d1c.900: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
410d1c.900: FileDescription: NT Layer DLL
411d1c.900: \SystemRoot\System32\kernel32.dll:
412d1c.900: CreationTime: 2010-11-21T03:24:07.965723400Z
413d1c.900: LastWriteTime: 2010-11-21T03:24:07.981323400Z
414d1c.900: ChangeTime: 2012-11-14T06:01:31.534425100Z
415d1c.900: FileAttributes: 0x20
416d1c.900: Size: 0x11b800
417d1c.900: NT Headers: 0xe8
418d1c.900: Timestamp: 0x4ce7c78b
419d1c.900: Machine: 0x8664 - amd64
420d1c.900: Timestamp: 0x4ce7c78b
421d1c.900: Image Version: 6.1
422d1c.900: SizeOfImage: 0x11f000 (1175552)
423d1c.900: Resource Dir: 0x116000 LB 0x528
424d1c.900: ProductName: Microsoft® Windows® Operating System
425d1c.900: ProductVersion: 6.1.7601.17514
426d1c.900: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
427d1c.900: FileDescription: Windows NT BASE API Client DLL
428d1c.900: \SystemRoot\System32\KernelBase.dll:
429d1c.900: CreationTime: 2010-11-21T03:24:26.217755400Z
430d1c.900: LastWriteTime: 2010-11-21T03:24:26.248955500Z
431d1c.900: ChangeTime: 2012-11-14T06:01:31.565625200Z
432d1c.900: FileAttributes: 0x20
433d1c.900: Size: 0x66800
434d1c.900: NT Headers: 0xf0
435d1c.900: Timestamp: 0x4ce7c78c
436d1c.900: Machine: 0x8664 - amd64
437d1c.900: Timestamp: 0x4ce7c78c
438d1c.900: Image Version: 6.1
439d1c.900: SizeOfImage: 0x6b000 (438272)
440d1c.900: Resource Dir: 0x69000 LB 0x530
441d1c.900: ProductName: Microsoft® Windows® Operating System
442d1c.900: ProductVersion: 6.1.7601.17514
443d1c.900: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
444d1c.900: FileDescription: Windows NT BASE API Client DLL
445d1c.900: \SystemRoot\System32\apisetschema.dll:
446d1c.900: CreationTime: 2009-07-13T23:18:54.866423200Z
447d1c.900: LastWriteTime: 2009-07-14T01:24:53.779000000Z
448d1c.900: ChangeTime: 2012-11-14T06:01:11.160789300Z
449d1c.900: FileAttributes: 0x20
450d1c.900: Size: 0x1a00
451d1c.900: NT Headers: 0xc0
452d1c.900: Timestamp: 0x4a5bdeab
453d1c.900: Machine: 0x8664 - amd64
454d1c.900: Timestamp: 0x4a5bdeab
455d1c.900: Image Version: 6.1
456d1c.900: SizeOfImage: 0x50000 (327680)
457d1c.900: Resource Dir: 0x30000 LB 0x3f0
458d1c.900: ProductName: Microsoft® Windows® Operating System
459d1c.900: ProductVersion: 6.1.7600.16385
460d1c.900: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
461d1c.900: FileDescription: ApiSet Schema DLL
462d1c.900: NtOpenDirectoryObject failed on \Driver: 0xc0000022
463d1c.900: supR3HardenedWinFindAdversaries: 0x40
464d1c.900: \SystemRoot\System32\drivers\kl1.sys:
465d1c.900: CreationTime: 2009-11-11T11:30:52.000000000Z
466d1c.900: LastWriteTime: 2009-11-11T11:30:52.000000000Z
467d1c.900: ChangeTime: 2016-01-09T17:10:25.305880900Z
468d1c.900: FileAttributes: 0x2020
469d1c.900: Size: 0x26810
470d1c.900: NT Headers: 0xd8
471d1c.900: Timestamp: 0x4afaa047
472d1c.900: Machine: 0x8664 - amd64
473d1c.900: Timestamp: 0x4afaa047
474d1c.900: Image Version: 0.0
475d1c.900: SizeOfImage: 0x529000 (5410816)
476d1c.900: Resource Dir: 0x527000 LB 0x408
477d1c.900: ProductName: Kaspersky Anti-Virus
478d1c.900: ProductVersion: 1.0.0.0
479d1c.900: FileVersion: 6.5.0.4
480d1c.900: FileDescription: Kaspersky Unified Driver
481d1c.900: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
482d1c.900: Calling main()
483d1c.900: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
484d1c.900: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
485d1c.900: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
486d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
487d1c.900: SUPR3HardenedMain: Final process, opening VBoxDrv...
488d1c.900: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000300000 LB 0x400000)
489d1c.900: supR3HardNtEnableThreadCreation:
490d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
491d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
492d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
493d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
494d1c.900: supR3HardenedDllNotificationCallback: load 000007fef3440000 LB 0x00005000 D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
495d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
496d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
497d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
498d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3440000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
499d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
500d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
501d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3440000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
502d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3440000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
503d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
504d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
505d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
506d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
507d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
508d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
509d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
510d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
511d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
512d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
513d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
514d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
515d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
516d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
517d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
518d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
519d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
520d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
521d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
522d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
523d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
524d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
525d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
526d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
527d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
528d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
529d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
530d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
531d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
532d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
533d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
534d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
535d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb80000 LB 0x0003a000 D:\Windows\system32\Wintrust.dll [fFlags=0x0]
536d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
537d1c.900: supR3HardenedDllNotificationCallback: load 000007feff430000 LB 0x0009f000 D:\Windows\system32\msvcrt.dll [fFlags=0x0]
538d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
539d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd8a0000 LB 0x00167000 D:\Windows\system32\CRYPT32.dll [fFlags=0x0]
540d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
541d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd890000 LB 0x0000f000 D:\Windows\system32\MSASN1.dll [fFlags=0x0]
542d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
543d1c.900: supR3HardenedDllNotificationCallback: load 000007feff540000 LB 0x0012d000 D:\Windows\system32\RPCRT4.dll [fFlags=0x0]
544d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
545d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb80000 'D:\Windows\system32\Wintrust.dll'
546d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
547d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
548d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
549d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
550d1c.900: supR3HardenedDllNotificationCallback: load 000007fefcf30000 LB 0x00022000 D:\Windows\system32\bcrypt.dll [fFlags=0x0]
551d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
552d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'D:\Windows\system32\bcrypt.dll'
553d1c.900: bcrypt.dll loaded at 000007fefcf30000, BCryptOpenAlgorithmProvider at 000007fefcf32640, preloading providers:
554d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
555d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
556d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
557d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
558d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
559d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
560d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
561d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
562d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
563d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
564d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
565d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
566d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
567d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
568d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
569d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
570d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
571d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
572d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
573d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
574d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
575d1c.900: supR3HardenedDllNotificationCallback: load 000007fefca00000 LB 0x0004c000 D:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
576d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
577d1c.900: supR3HardenedDllNotificationCallback: load 000007fefec90000 LB 0x000db000 D:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
578d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
579d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
580d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
581d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
582d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
583d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0d0000 LB 0x0001f000 D:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
584d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
585d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca00000 'D:\Windows\system32\bcryptprimitives.dll'
586d1c.900: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000082acd0)
587d1c.900: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000082db90)
588d1c.900: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000082dcb0)
589d1c.900: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000082dec0)
590d1c.900: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000082dfe0)
591d1c.900: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000082e100)
592d1c.900: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000082e340)
593d1c.900: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000082e460)
594d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
595d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
596d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
597d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
598d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
599d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
600d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
601d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
602d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
603d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
604d1c.900: supR3HardenedDllNotificationCallback: load 000007fefcdc0000 LB 0x00017000 D:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
605d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
606d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'D:\Windows\system32\CRYPTSP.dll'
607d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
608d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
609d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
610d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
611d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
612d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
613d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
614d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
615d1c.900: supR3HardenedDllNotificationCallback: load 000007fefcac0000 LB 0x00047000 D:\Windows\system32\rsaenh.dll [fFlags=0x0]
616d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
617d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcac0000 'D:\Windows\system32\rsaenh.dll'
618d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
619d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
620d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
621d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
622d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
623d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
624d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
625d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd720000 LB 0x0000f000 D:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
626d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
627d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'D:\Windows\system32\CRYPTBASE.dll'
628d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
629d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
630d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32\kernel32.dll'
631d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
632d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
633d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb80000 'D:\Windows\system32\WINTRUST.DLL'
634d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
635d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
636d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8a0000 'D:\Windows\system32\CRYPT32.dll'
637d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
638d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
639d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
640d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
641d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
642d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
643d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
644d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
645d1c.900: supR3HardenedDllNotificationCallback: load 000007feffaf0000 LB 0x00017000 D:\Windows\system32\imagehlp.dll [fFlags=0x0]
646d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
647d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffaf0000 'D:\Windows\system32\imagehlp.dll'
648d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
649d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
650d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'D:\Windows\system32\CRYPTSP.dll'
651d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
652d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
653d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
654d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
655d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
656d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
657d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
658d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
659d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
660d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
661d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
662d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
663d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
664d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
665d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
666d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
667d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
668d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
669d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
670d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
671d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
672d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
673d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
674d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
675d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
676d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
677d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
678d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
679d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
680d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
681d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
682d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
683d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
684d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
685d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
686d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
687d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
688d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
689d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
690d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
691d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
692d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
693d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
694d1c.900: supR3HardenedDllNotificationCallback: load 0000000077680000 LB 0x000fa000 D:\Windows\system32\USER32.dll [fFlags=0x0]
695d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
696d1c.900: supR3HardenedDllNotificationCallback: load 000007feff4d0000 LB 0x00067000 D:\Windows\system32\GDI32.dll [fFlags=0x0]
697d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
698d1c.900: supR3HardenedDllNotificationCallback: load 000007feff8c0000 LB 0x0000e000 D:\Windows\system32\LPK.dll [fFlags=0x0]
699d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
700d1c.900: supR3HardenedDllNotificationCallback: load 000007feff670000 LB 0x000c9000 D:\Windows\system32\USP10.dll [fFlags=0x0]
701d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
702d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
703d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
704d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'D:\Windows\system32\gdi32.dll'
705d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
706d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
707d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
708d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
709d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
710d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
711d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
712d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
713d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
714d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
715d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
716d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
717d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
718d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
719d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
720d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
721d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
722d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
723d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
724d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
725d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
726d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
727d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
728d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
729d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
730d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
731d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
732d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
733d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
734d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
735d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
736d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
737d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
738d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbc0000 LB 0x0002e000 D:\Windows\system32\IMM32.DLL [fFlags=0x0]
739d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
740d1c.900: supR3HardenedDllNotificationCallback: load 000007feff7b0000 LB 0x00109000 D:\Windows\system32\MSCTF.dll [fFlags=0x0]
741d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
742d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbc0000 'D:\Windows\system32\IMM32.DLL'
743d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077680000 'D:\Windows\system32\USER32.dll'
744d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
745d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
746d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
747d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
748d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
749d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
750d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
751d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
752d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
753d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
754d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
755d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
756d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
757d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
758d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
759d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
760d1c.900: supR3HardenedDllNotificationCallback: load 000007fefcf60000 LB 0x0004e000 D:\Windows\system32\ncrypt.dll [fFlags=0x0]
761d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
762d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf60000 'D:\Windows\system32\ncrypt.dll'
763d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
764d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
765d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'D:\Windows\system32\bcrypt.dll'
766d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
767d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
768d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
769d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
770d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
771d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
772d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
773d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
774d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
775d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
776d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
777d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
778d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
779d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
780d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
781d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
782d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
783d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
784d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
785d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
786d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
787d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd1c0000 LB 0x0001e000 D:\Windows\system32\USERENV.dll [fFlags=0x0]
788d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
789d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
790d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd7f0000 LB 0x0000f000 D:\Windows\system32\profapi.dll [fFlags=0x0]
791d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
792d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1c0000 'D:\Windows\system32\USERENV.dll'
793d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
794d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
795d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
796d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
797d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
798d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
799d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
800d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
801d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
802d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
803d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
804d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
805d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
806d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
807d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
808d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
809d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd1a0000 LB 0x0001b000 D:\Windows\system32\GPAPI.dll [fFlags=0x0]
810d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
811d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1a0000 'D:\Windows\system32\GPAPI.dll'
812d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
813d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
814d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
815d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
816d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff540000 'D:\Windows\system32\rpcrt4.dll'
817d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
818d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
819d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
820d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
821d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
822d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.
823d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
824d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
825d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
826d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
827d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
828d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
829d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
830d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
831d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
832d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
833d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
834d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
835d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
836d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
837d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
838d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
839d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
840d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
841d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
842d1c.900: supR3HardenedDllNotificationCallback: load 000007fefb690000 LB 0x00026000 D:\Windows\system32\cryptnet.dll [fFlags=0x0]
843d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
844d1c.900: supR3HardenedDllNotificationCallback: load 000007feff750000 LB 0x00052000 D:\Windows\system32\WLDAP32.dll [fFlags=0x0]
845d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
846d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
847d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
848d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
849d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
850d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
851d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
852d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
853d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
854d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
855d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
856d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
857d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
858d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
859d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
860d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
861d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
862d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
863d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
864d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
865d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
866d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
867d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
868d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
869d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
870d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
871d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
872d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
873d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
874d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
875d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
876d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
877d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
878d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
879d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
880d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
881d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
882d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
883d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
884d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
885d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
886d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
887d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
888d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
889d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
890d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
891d1c.900: supR3HardenedDllNotificationCallback: load 000007fefefd0000 LB 0x00071000 D:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
892d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
893d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefefd0000 'D:\Windows\system32\SHLWAPI.dll'
894d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
895d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
896d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
897d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
898d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7f0000 'D:\Windows\system32\profapi.dll'
899d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
900d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
901d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
902d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
903d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
904d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
905d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
906d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
907d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
908d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
909d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
910d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
911d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
912d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
913d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
914d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
915d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
916d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
917d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
918d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
919d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
920d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
921d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
922d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
923d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
924d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
925d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
926d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
927d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
928d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
929d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
930d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
931d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
932d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
933d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
934d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
935d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
936d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
937d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
938d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
939d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
940d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
941d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
942d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
943d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
944d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
945d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
946d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
947d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
948d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
949d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
950d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
951d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
952d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
953d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
954d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
955d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
956d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
957d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
958d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
959d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
960d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
961d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
962d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
963d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
964d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
965d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
966d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
967d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
968d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
969d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
970d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
971d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
972d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
973d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
974d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
975d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
976d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
977d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
978d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
979d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
980d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
981d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
982d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
983d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
984d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
985d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
986d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
987d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
988d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
989d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
990d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
991d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
992d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
993d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
994d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
995d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
996d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
997d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
998d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
999d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1000d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
1001d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1002d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1003d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1004d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1005d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cabinet.dll)
1006d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1007d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1008d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1009d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1010d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1011d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
1012d1c.900: supR3HardenedDllNotificationCallback: load 000007fef3420000 LB 0x0001b000 D:\Windows\system32\Cabinet.dll [fFlags=0x0]
1013d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
1014d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1015d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1016d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
1017d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1018d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1019d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1020d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1021d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1022d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
1023d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd3c0000 LB 0x00012000 D:\Windows\system32\DEVRTL.dll [fFlags=0x0]
1024d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
1025d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1026d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1027d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1028d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1029d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1030d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1031d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
1032d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1033d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
1034d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1035d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
1036d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1037d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
1038d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1039d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
1040d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1041d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
1042d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1043d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
1044d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1045d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1046d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1047d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
1048d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1049d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1050d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
1051d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1052d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1053d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1054d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1055d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1056d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1057d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1058d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1059d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb690000 'D:\Windows\system32\cryptnet.dll'
1060d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1061d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008257f0
1062d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1063d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6463B603CF12442718467D754A1EDC45CE1D6E7E
1064d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1065d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1066d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1067d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1068d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1069d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1070d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1071d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1072d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
1073d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1074d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1075d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1076d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1077d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\SystemRoot\System32\ntdll.dll'
1078d1c.900: g_pfnWinVerifyTrust=000007fefdb81010
1079d1c.900: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1080d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
1081d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1082d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1083d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=766DAE0DAEDFFD0DB96611658C619DD5922D2FEC
1084d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1085d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1086d1c.900: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1087d1c.900: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1088d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
1089d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1090d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1091d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E8D9B442D9CC38B2D0501106E104A42A4EE0B238
1092d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1093d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1094d1c.900: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1095d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ec pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
1096d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1097d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1098d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
1099d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
1100d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1101d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
1102d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume2\Windows\System32\cabinet.dll
1103d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1104d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1105d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D1555851298EA005A2E9FEA027F5898BC240083
1106d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
1107d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1108d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
1109d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a8 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1110d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1111d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1112d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
1113d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1114d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1115d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1116d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a4 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1117d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1118d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1119d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1120d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1121d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1122d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1123d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a0 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1124d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1125d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1126d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=26A5C3FE898CBD66951D3BC65E742E0BE561E69B
1127d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1128d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1129d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1130d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000039c pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1131d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1132d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1133d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1134d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1135d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1136d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1137d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000398 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1138d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1139d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1140d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1141d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1142d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1143d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1144d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1145d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1146d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1147d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1148d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1149d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1150d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1151d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1152d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1153d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1154d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1155d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1156d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1157d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1158d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1159d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1160d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1161d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CA2FE16E05087DA5C24DC5EB2EE8053CDA5DE9A9
1162d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1163d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1164d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1165d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000258 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
1166d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1167d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1168d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
1169d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1170d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1171d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1172d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
1173d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1174d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1175d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1176d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1177d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1178d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1179d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
1180d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1181d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1182d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1183d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1184d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1185d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1186d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1187d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1188d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1189d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3D482C50075646C922DC6A66C97956C5060C361B
1190d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1191d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1192d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1193d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
1194d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1195d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1196d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
1197d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1198d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1199d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1200d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
1201d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1202d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1203d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1204d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1205d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1206d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1207d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
1208d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1209d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1210d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97AE9B5B40144F2794F30A891013393C80D631A1
1211d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1212d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1213d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1214d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
1215d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1216d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1217d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37
1218d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1219d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1220d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1221d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
1222d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1223d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1224d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8F7179D2AEB0FEB168A01D182223AC2D7B8F331
1225d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1226d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1227d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1228d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
1229d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1230d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1231d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
1232d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
1233d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1234d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
1235d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1236d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1237d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1238d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFE89CF1060867A10BD3963894BCDB4D3058F804
1239d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1240d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1241d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1242d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1243d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1244d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1245d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
1246d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1247d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1248d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1249d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1250d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1251d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1252d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1253d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
1254d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1255d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1256d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1257d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
1258d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1259d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1260d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1261d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1262d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1263d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1264d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
1265d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1266d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1267d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBCDF817D89920EE3139FB7E090744EB36A4A21B
1268d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1269d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1270d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1271d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1272d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1273d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1274d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1275d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1276d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1277d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1278d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1279d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1280d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1281d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1282d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBEAC8C0FA88C88B540ACFE0683B1810C077AA53
1283d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1284d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1285d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1286d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
1287d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1288d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1289d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1290d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1291d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1292d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1293d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1294d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1295d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1296d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BC4D9E909DFDD2EE8BA1A5C857D73D49EBE7952C
1297d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1298d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1299d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1300d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1301d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1302d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1303d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1304d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1305d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1306d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1307d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1308d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1309d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1310d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1311d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1312d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1313d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1314d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1315d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1316d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1317d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1318d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1319d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1320d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1321d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1322d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1323d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1324d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1325d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1326d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1327d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1328d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1329d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1330d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1331d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=06FEC3C858DB28D2F4BFBDA99AF14D4747A8C5D4
1332d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1333d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1334d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1335d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1336d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1337d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1338d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D7AE634A00F24BBD4AE27DEA9BCCCE222DE9897B
1339d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1340d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1341d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1342d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1343d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1344d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8a0000 'D:\Windows\system32\crypt32.dll'
1345d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x709f566936e0e546 CN=NGO
1346d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1347d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1348d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1349d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1350d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1351d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1352d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x2cbc61d258f6ba9d CN=libusb-win32 (PS_Vita_Type_B.inf) [Self]
1353d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1354d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1355d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1356d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1357d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1358d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1359d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1360d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1361d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1362d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1363d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1364d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1365d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1366d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1367d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1368d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1369d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1370d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1371d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1372d1c.900: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1373d1c.900: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=28
1374d1c.900: SUPR3HardenedMain: Load Runtime...
1375d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1376d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1377d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1378d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1379d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1380d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1381d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1382d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1383d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1384d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1385d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1386d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1387d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1388d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1389d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1390d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1391d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1392d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1393d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1394d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1395d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1396d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1397d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1398d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1399d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1400d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1401d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1402d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1403d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1404d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1405d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1406d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1407d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1408d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003dc pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1409d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1410d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1411d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1412d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1413d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1414d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1415d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1416d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1417d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
1418d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1419d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1420d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1421d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1422d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1423d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\nsi.dll'.
1424d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)
1425d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1426d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1427d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1428d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1429d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1430d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1431d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1432d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1433d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1434d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1435d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1436d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1437d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1438d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1439d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1440d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1441d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1442d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1443d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1444d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1445d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1446d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1447d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1448d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1449d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1450d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1451d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1452d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1453d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1454d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1455d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1456d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1457d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1458d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1459d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1460d1c.900: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1461d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)
1462d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1463d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1464d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1465d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1466d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1467d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1468d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1469d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1470d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1471d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1472d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1473d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1474d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1475d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1476d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1477d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1478d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1479d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1480d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1481d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1482d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1483d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1484d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1485d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1486d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1487d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1488d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1489d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1490d1c.900: supR3HardenedDllNotificationCallback: load 000007fef2480000 LB 0x0050f000 D:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1491d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1492d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1493d1c.900: supR3HardenedDllNotificationCallback: load 0000000071770000 LB 0x000d2000 D:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1494d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1495d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1496d1c.900: supR3HardenedDllNotificationCallback: load 0000000071890000 LB 0x00098000 D:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1497d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1498d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdeb0000 LB 0x0004d000 D:\Windows\system32\WS2_32.dll [fFlags=0x0]
1499d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1500d1c.900: supR3HardenedDllNotificationCallback: load 000007feff740000 LB 0x00008000 D:\Windows\system32\NSI.dll [fFlags=0x0]
1501d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
1502d1c.900: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1503d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1504d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\nsi.dll'.
1505d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1506d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1507d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1508d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1509d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1510d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1511d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1512d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1513d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1514d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1515d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1516d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1517d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1518d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1519d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1520d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1521d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1522d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1523d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1524d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1525d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1526d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1527d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1528d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1529d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1530d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1531d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1532d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1533d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1534d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1535d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1536d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1537d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1538d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1539d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1540d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1541d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1542d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1543d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1544d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1545d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1546d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1547d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1548d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1549d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1550d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;.;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1551d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1552d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1553d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1554d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2480000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1555d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1556d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1557d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb80000 'D:\Windows\system32\Wintrust.dll'
1558d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1559d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1560d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8a0000 'D:\Windows\system32\crypt32.dll'
1561d1c.900: SUPR3HardenedMain: Load TrustedMain...
1562d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1563d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1564d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1565d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1566d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1567d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1568d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1569d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1570d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1571d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1572d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1573d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1574d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1575d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1576d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1577d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1578d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1579d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1580d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1581d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1582d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1583d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1584d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1585d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1586d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1587d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1588d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1589d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1590d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
1591d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
1592d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1593d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1594d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
1595d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
1596d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
1597d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
1598d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
1599d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
1600d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1601d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1602d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1603d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f4 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1604d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1605d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1606d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1607d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1608d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1609d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1610d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1611d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1612d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1613d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1614d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1615d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1616d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1617d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1618d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1619d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1620d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1621d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000440 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1622d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
1623d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
1624d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCF00DB9BBECF4126AB4076577BBA73C0F94BDF9
1625d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1626d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1627d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1628d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1629d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1630d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1631d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
1632d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1633d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1634d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1635d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1636d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1637d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1638d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1639d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1640d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1641d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1642d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1643d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1644d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1645d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1646d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1647d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1648d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1649d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1650d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1651d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1652d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1653d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1654d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1655d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1656d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1657d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1658d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1659d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1660d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1661d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1662d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1663d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1664d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1665d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1666d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1667d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1668d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1669d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1670d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1671d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1672d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1673d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1674d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1675d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1676d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1677d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
1678d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1679d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1680d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1681d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1682d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1683d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1684d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1685d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1686d1c.900: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
1687d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1688d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1689d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1690d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1691d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1692d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1693d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
1694d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1695d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1696d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1697d1c.900: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
1698d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1699d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1700d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1701d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1702d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1703d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1704d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1705d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1706d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1707d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1708d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1709d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1710d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1711d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
1712d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1713d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1714d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1715d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1716d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1717d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1718d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1719d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'.
1720d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1721d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1722d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1723d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1724d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1725d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1726d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
1727d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1728d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1729d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1730d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1731d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1732d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1733d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'.
1734d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1735d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1736d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1737d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1738d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1739d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1740d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)
1741d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1742d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1743d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1744d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1745d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1746d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1747d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1748d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
1749d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1750d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1751d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1752d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1753d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1754d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1755d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1756d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1757d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1758d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1759d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1760d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1761d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1762d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1763d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1764d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1765d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
1766d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1767d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1768d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1769d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1770d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1771d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1772d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1773d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1774d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1775d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1776d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1777d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1778d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\winspool.drv'.
1779d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1780d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1781d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1782d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)
1783d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
1784d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1785d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1786d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1787d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1788d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1789d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1790d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1791d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1792d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1793d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1794d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'.
1795d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1796d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1797d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1798d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1799d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1800d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1801d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)
1802d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1803d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1804d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1805d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1806d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1807d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1808d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1809d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1810d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1811d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1812d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1813d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1814d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1815d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1816d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1817d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1818d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1819d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1820d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1821d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1822d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1823d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1824d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1825d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1826d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\comctl32.dll'.
1827d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1828d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1829d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1830d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)
1831d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
1832d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1833d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1834d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1835d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1836d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1837d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1838d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1839d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1840d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1841d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1842d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1843d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1844d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1845d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1846d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1847d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1848d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1849d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1850d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1851d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1852d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1853d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1854d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1855d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1856d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1857d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1858d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1859d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1860d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1861d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)
1862d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1863d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1864d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1865d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1866d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1867d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1868d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1869d1c.900: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1870d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1871d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1872d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1873d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)
1874d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1875d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1876d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1877d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1878d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1879d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1880d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1881d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1882d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1883d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1884d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1885d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1886d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1887d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1888d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1889d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1890d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1891d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1892d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1893d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1894d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1895d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1896d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1897d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1898d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1899d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1900d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1901d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1902d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1903d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1904d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1905d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1906d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1907d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1908d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1909d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1910d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1911d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1912d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1913d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1914d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1915d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1916d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1917d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1918d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1919d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1920d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1921d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1922d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1923d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1924d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1925d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1926d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) WinVerifyTrust
1927d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1928d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1929d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
1930d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1931d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1932d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1933d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1934d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1935d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1936d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1937d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1938d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
1939d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1940d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1941d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1942d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1943d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1944d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1945d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1946d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1947d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1948d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1949d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1950d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
1951d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1952d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1953d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1954d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1955d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1956d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1957d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1958d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1959d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1960d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1961d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
1962d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1963d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1964d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1965d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1966d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1967d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1968d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1969d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1970d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1971d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1972d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1973d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1974d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1975d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1976d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1977d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1978d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1979d1c.900: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
1980d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1981d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1982d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
1983d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1984d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [fFlags=0x0]
1985d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1986d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1987d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
1988d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1989d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
1990d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1991d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
1992d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
1993d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
1994d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\setupapi.dll [flags=0x0]
1995d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [flags=0x0]
1996d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [flags=0x0]
1997d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [flags=0x0]
1998d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [flags=0x0]
1999d1c.900: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
2000d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2001d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2002d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2003d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2004d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2005d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2006d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2007d1c.900: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
2008d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
2009d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2010d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2011d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
2012d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
2013d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2014d1c.900: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
2015d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2016d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
2017d1c.900: supR3HardenedDllNotificationCallback: load 000007fef1bc0000 LB 0x008c0000 D:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
2018d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
2019d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2020d1c.900: supR3HardenedDllNotificationCallback: load 000007fef2d80000 LB 0x0011d000 D:\Windows\system32\OPENGL32.dll [fFlags=0x0]
2021d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2022d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
2023d1c.900: supR3HardenedDllNotificationCallback: load 000007fef33f0000 LB 0x0002d000 D:\Windows\system32\GLU32.dll [fFlags=0x0]
2024d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
2025d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
2026d1c.900: supR3HardenedDllNotificationCallback: load 000007fef56a0000 LB 0x000f1000 D:\Windows\system32\DDRAW.dll [fFlags=0x0]
2027d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
2028d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
2029d1c.900: supR3HardenedDllNotificationCallback: load 000007fefbb40000 LB 0x00008000 D:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
2030d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
2031d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdbf0000 LB 0x001d7000 D:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
2032d1c.900: supR3HardenedDllNotificationCallback: load 000007fefda10000 LB 0x00036000 D:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
2033d1c.900: supR3HardenedDllNotificationCallback: load 000007fefddd0000 LB 0x000d7000 D:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
2034d1c.900: supR3HardenedDllNotificationCallback: load 000007feff0f0000 LB 0x00203000 D:\Windows\system32\ole32.dll [fFlags=0x0]
2035d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2036d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0001a000 D:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
2037d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
2038d1c.900: supR3HardenedDllNotificationCallback: load 000007fefbb70000 LB 0x00018000 D:\Windows\system32\dwmapi.dll [fFlags=0x0]
2039d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
2040d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2041d1c.900: supR3HardenedDllNotificationCallback: load 0000000071490000 LB 0x002de000 D:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
2042d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2043d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [avoiding WinVerifyTrust]
2044d1c.900: supR3HardenedDllNotificationCallback: load 000000006d750000 LB 0x0096c000 D:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
2045d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [avoiding WinVerifyTrust]
2046d1c.900: supR3HardenedDllNotificationCallback: load 000007feffb10000 LB 0x00097000 D:\Windows\system32\COMDLG32.dll [fFlags=0x0]
2047d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [avoiding WinVerifyTrust]
2048d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2049d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2050d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2051d1c.900: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll)
2052d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
2053d1c.900: supR3HardenedDllNotificationCallback: load 000007fef2ce0000 LB 0x000a0000 D:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll [fFlags=0x0]
2054d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [avoiding WinVerifyTrust]
2055d1c.900: supR3HardenedDllNotificationCallback: load 000007fefdf00000 LB 0x00d88000 D:\Windows\system32\SHELL32.dll [fFlags=0x0]
2056d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2057d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2058d1c.900: supR3HardenedDllNotificationCallback: load 000007fef8af0000 LB 0x0003b000 D:\Windows\system32\WINMM.dll [fFlags=0x0]
2059d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2060d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
2061d1c.900: supR3HardenedDllNotificationCallback: load 000007fefa060000 LB 0x00071000 D:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
2062d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
2063d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2064d1c.900: supR3HardenedDllNotificationCallback: load 00000000713b0000 LB 0x000dc000 D:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
2065d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2066d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'.
2067d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [rescheduled]
2068d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
2069d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
2070d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
2071d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
2072d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\comctl32.dll'.
2073d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rescheduled]
2074d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'.
2075d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rescheduled]
2076d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\winspool.drv'.
2077d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rescheduled]
2078d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2079d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2080d1c.900: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'.
2081d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]
2082d1c.900: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
2083d1c.900: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll' [rescheduled]
2084d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2085d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2086d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2087d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2088d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2089d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2090d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2091d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2092d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2093d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2094d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbc0000 'D:\Windows\system32\imm32.dll'
2095d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1bc0000 'D:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
2096d1c.900: SUPR3HardenedMain: Calling TrustedMain (000007fef1bc1020)...
2097d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2098d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2099d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
2100d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2101d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2102d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2103d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
2104d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
2105d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2106d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2107d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2108d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2109d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
2110d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2111d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2112d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2113d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2114d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2115d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2116d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2117d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008bb460:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2118d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2119d1c.900: supR3HardenedDllNotificationCallback: load 000007fefbf40000 LB 0x00056000 D:\Windows\system32\uxtheme.dll [fFlags=0x0]
2120d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2121d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2122d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2123d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008bb460:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2124d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2125d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2126d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008bb460:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2127d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2128d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2129d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008bb460:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2130d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2131d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [redoing WinVerifyTrust]
2132d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000044c pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2133d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2134d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2135d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
2136d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
2137d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2138d1c.900: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
2139d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2140d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbb70000 'D:\Windows\system32\dwmapi.dll'
2141d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
2142d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2143d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'D:\Windows\system32\CRYPTBASE.dll'
2144d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2145d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2146d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf00000 'D:\Windows\system32\shell32.dll'
2147d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2148d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2149d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32\kernel32.dll'
2150d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2151d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2152d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2153d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2154d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2155d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2156d1c.900: supR3HardenedMonitor_LdrLoadDll: error opening 'D:\Windows\system32\wintab32.dll': 0 (NtPath=\??\D:\Windows\system32\wintab32.dll; Input=D:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2157d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2158d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'D:\Windows\system32\wintab32.dll'
2159d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077680000 'D:\Windows\system32\user32.dll'
2160d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2161d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2162d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'D:\Windows\system32\uxtheme.dll'
2163d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077680000 'D:\Windows\system32\user32.dll'
2164d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\advapi32.dll'
2165d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2166d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2167d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1c0000 'D:\Windows\system32\userenv.dll'
2168d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2169d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2170d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32\kernel32.dll'
2171d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000564 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2172d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2173d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2174d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
2175d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
2176d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2177d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2178d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2179d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2180d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2181d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2182d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2183d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) WinVerifyTrust
2184d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2185d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2186d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2187d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2188d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2189d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2190d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2191d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2192d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2193d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2194d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2195d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2196d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2197d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2198d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2199d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2200d1c.900: supR3HardenedDllNotificationCallback: load 000007feffa50000 LB 0x00099000 D:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
2201d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2202d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa50000 'D:\Windows\system32\CLBCatQ.DLL'
2203d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
2204d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
2205d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2206d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'D:\Windows\system32\CRYPTSP.dll'
2207d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000584 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2208d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2209d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2210d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
2211d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
2212d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2213d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2214d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
2215d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2216d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2217d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2218d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2219d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2220d1c.900: supR3HardenedDllNotificationCallback: load 000007fefd7d0000 LB 0x00014000 D:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
2221d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2222d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7d0000 'D:\Windows\system32\RpcRtRemote.dll'
2223d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2224d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3420000 'D:\Windows\system32\Cabinet.dll'
2225d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'D:\Windows\system32\DEVRTL.dll'
2226d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2227d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2228d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2229d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2230d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2231d1c.6c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2232d1c.6c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2233d1c.6c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2234d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2235d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2236d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2237d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2238d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2239d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2240d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2241d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2242d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2243d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2244d1c.6c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2245d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2246d1c.6c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2247d1c.6c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2248d1c.6c0: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2249d1c.6c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2250d1c.6c0: supR3HardenedDllNotificationCallback: load 000007fef16c0000 LB 0x004fe000 D:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2251d1c.6c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2252d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef16c0000 'D:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2253d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\oleaut32.dll'
2254d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005e4 pwszName=\Device\HarddiskVolume2\Windows\System32\sxs.dll
2255d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2256d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2257d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
2258d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\sxs.dll'
2259d1c.6c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2260d1c.6c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sxs.dll) WinVerifyTrust
2261d1c.6c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sxs.dll
2262d1c.6c0: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2263d1c.6c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
2264d1c.6c0: supR3HardenedDllNotificationCallback: load 000007fefd730000 LB 0x00091000 D:\Windows\system32\SXS.DLL [fFlags=0x0]
2265d1c.6c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
2266d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd730000 'D:\Windows\system32\SXS.DLL'
2267d1c.6c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2268d1c.6c0: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2269d1c.6c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
2270d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\OLEAUT32.dll'
2271d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
2272d1c.900: supR3HardenedMonitor_LdrLoadDll: error opening 'D:\Windows\system32\wintab32.dll': 0 (NtPath=\??\D:\Windows\system32\wintab32.dll; Input=D:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2273d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2274d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'D:\Windows\system32\wintab32.dll'
2275d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'D:\Windows\system32\gdi32.dll'
2276d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
2277d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\user32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2278d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077680000 'D:\Windows\system32\user32.dll'
2279d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2280d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2281d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf00000 'D:\Windows\system32\shell32.dll'
2282d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
2283d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
2284d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000034b5e10:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2285d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7b0000 'D:\Windows\system32\MSCTF.dll'
2286d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
2287d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\OLEAUT32.dll'
2288d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009e4 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2289d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2290d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2291d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
2292d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
2293d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2294d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2295d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
2296d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2297d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2298d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
2299d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2300d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2301d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2302d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2303d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2304d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2305d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2306d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2307d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2308d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2309d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2310d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2311d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2312d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2313d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009fc pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2314d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2315d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2316d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
2317d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
2318d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2319d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2320d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2321d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2322d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2323d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2324d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll) WinVerifyTrust
2325d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2326d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2327d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2328d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2329d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2330d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2331d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2332d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2333d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2334d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2335d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2336d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2337d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2338d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2339d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000034b7330:D:\Windows\system32\wbem;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2340d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2341d1c.900: supR3HardenedDllNotificationCallback: load 000007fefa250000 LB 0x0000f000 D:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2342d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2343d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2344d1c.900: supR3HardenedDllNotificationCallback: load 000007fef7780000 LB 0x00086000 D:\Windows\system32\wbemcomn.dll [fFlags=0x0]
2345d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2346d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2347d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2348d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa250000 'D:\Windows\system32\wbem\wbemprox.dll'
2349d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a24 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2350d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2351d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2352d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
2353d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
2354d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2355d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2356d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2357d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2358d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2359d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2360d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2361d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2362d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2363d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000034b7330:D:\Windows\system32\wbem;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2364d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2365d1c.900: supR3HardenedDllNotificationCallback: load 000007fef6ea0000 LB 0x00014000 D:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2366d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2367d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ea0000 'D:\Windows\system32\wbem\wbemsvc.dll'
2368d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a1c pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2369d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2370d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2371d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
2372d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
2373d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2374d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2375d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
2376d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2377d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2378d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2379d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
2380d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2381d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2382d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
2383d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
2384d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a30 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2385d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2386d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2387d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
2388d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
2389d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2390d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2391d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2392d1c.900: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
2393d1c.900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll) WinVerifyTrust
2394d1c.900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2395d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2396d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2397d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2398d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2399d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2400d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2401d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2402d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2403d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2404d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2405d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2406d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2407d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2408d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2409d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2410d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2411d1c.900: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
2412d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2413d1c.900: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2414d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000034b7330:D:\Windows\system32\wbem;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2415d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2416d1c.900: supR3HardenedDllNotificationCallback: load 000007fef74f0000 LB 0x000e2000 D:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2417d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2418d1c.900: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2419d1c.900: supR3HardenedDllNotificationCallback: load 000007fef74c0000 LB 0x00027000 D:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
2420d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2421d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef74f0000 'D:\Windows\system32\wbem\fastprox.dll'
2422d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\OLEAUT32.dll'
2423d1c.900: supR3HardenedMonitor_LdrLoadDll: 'D:\Windows\system32\comctl32.dll' -> 'D:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [redir]
2424d1c.900: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [redoing WinVerifyTrust]
2425d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
2426d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2427d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2428d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4D3B2DA266DE92D9E1311E30C810160CDC5BD5AA
2429d1c.900: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'
2430d1c.900: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2431d1c.900: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'
2432d1c.900: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll (Input=D:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2433d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2ce0000 'D:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'
2434d1c.900: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\OLEAUT32.DLL'
2435d1c.d24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2436d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2437d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2438d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2439d1c.d24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2440d1c.d24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2441d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2442d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2443d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2444d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2445d1c.d24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2446d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2447d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2448d1c.d24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2449d1c.d24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
2450d1c.d24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2451d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2452d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2453d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2454d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2455d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2456d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2457d1c.d24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2458d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2459d1c.d24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2460d1c.d24: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2461d1c.d24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2462d1c.d24: supR3HardenedDllNotificationCallback: load 000007fef1440000 LB 0x00273000 D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2463d1c.d24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2464d1c.d24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2465d1c.d24: supR3HardenedDllNotificationCallback: load 0000000070df0000 LB 0x0010a000 D:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
2466d1c.d24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2467d1c.d24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1440000 'D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2468d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2469d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad0 pwszName=\Device\HarddiskVolume2\Windows\System32\netcfgx.dll
2470d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2471d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2472d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2E2834BA132AEF0C1091DED23D983BBB0CDB980
2473d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\netcfgx.dll'
2474d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2475d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shlwapi.dll'.
2476d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2477d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
2478d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2479d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2480d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
2481d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'nsi.dll'.
2482d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'iphlpapi.dll'.
2483d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\netcfgx.dll) WinVerifyTrust
2484d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\netcfgx.dll
2485d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2486d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2487d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000acc pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2488d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2489d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2490d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
2491d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
2492d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2493d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2494d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
2495d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
2496d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
2497d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2498d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2499d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2500d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2501d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [redoing WinVerifyTrust]
2502d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d8 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
2503d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2504d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2505d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
2506d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
2507d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2508d1c.8f4: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
2509d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2510d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2511d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2512d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2513d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2514d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2515d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2516d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2517d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2518d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2519d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2520d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2521d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2522d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2523d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2524d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
2525d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
2526d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af4 pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
2527d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2528d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2529d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
2530d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
2531d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2532d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2533d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2534d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
2535d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll) WinVerifyTrust
2536d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2537d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2538d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2539d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
2540d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2541d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2542d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2543d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2544d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
2545d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2546d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2547d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2548d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2549d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\netcfgx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003623500:D:\Windows\system32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2550d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\netcfgx.dll
2551d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef7180000 LB 0x00084000 D:\Windows\system32\netcfgx.dll [fFlags=0x0]
2552d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\netcfgx.dll
2553d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2554d1c.8f4: supR3HardenedDllNotificationCallback: load 000007feface0000 LB 0x00027000 D:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
2555d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2556d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2557d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefacc0000 LB 0x0000b000 D:\Windows\system32\WINNSI.DLL [fFlags=0x0]
2558d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2559d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7180000 'D:\Windows\system32\netcfgx.dll'
2560d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\SETUPAPI.dll'
2561d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2562d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2563d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
2564d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2565d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb80000 'D:\Windows\system32\WINTRUST.dll'
2566d1c.f10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2567d1c.f10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2568d1c.f10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2569d1c.f10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2570d1c.f10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2571d1c.f10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2572d1c.f10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2573d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2574d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2575d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2576d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2577d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2578d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2579d1c.f10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2580d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2581d1c.f10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2582d1c.f10: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2583d1c.f10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2584d1c.f10: supR3HardenedDllNotificationCallback: load 000007fef3390000 LB 0x0000a000 D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2585d1c.f10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2586d1c.f10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3390000 'D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2587d1c.f10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077680000 'D:\Windows\system32/User32.dll'
2588d1c.c04: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2589d1c.c04: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2590d1c.c04: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2591d1c.c04: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2592d1c.c04: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2593d1c.c04: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2594d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2595d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2596d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2597d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2598d1c.c04: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2599d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2600d1c.c04: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2601d1c.c04: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2602d1c.c04: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2603d1c.c04: supR3HardenedDllNotificationCallback: load 000007fef2c70000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2604d1c.c04: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2605d1c.c04: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c70000 'D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2606d1c.688: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2607d1c.688: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2608d1c.688: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2609d1c.688: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2610d1c.688: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
2611d1c.688: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2612d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2613d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2614d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2615d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2616d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2617d1c.688: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2618d1c.688: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2619d1c.688: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2620d1c.688: supR3HardenedDllNotificationCallback: load 000007fef2c60000 LB 0x0000c000 D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
2621d1c.688: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2622d1c.688: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c60000 'D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
2623d1c.1008: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2624d1c.1008: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2625d1c.1008: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2626d1c.1008: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2627d1c.1008: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
2628d1c.1008: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2629d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2630d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2631d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2632d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2633d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2634d1c.1008: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2635d1c.1008: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2636d1c.1008: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2637d1c.1008: supR3HardenedDllNotificationCallback: load 000007fef2c50000 LB 0x0000b000 D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
2638d1c.1008: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2639d1c.1008: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c50000 'D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
2640d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2641d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2642d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2643d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf00000 'D:\Windows\system32/Shell32.dll'
2644d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
2645d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2646d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
2647d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
2648d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2649d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7f0000 'D:\Windows\system32\profapi.dll'
2650d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2651d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2652d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2653d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2654d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2655d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2656d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2657d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2658d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2659d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2660d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2661d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2662d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2663d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
2664d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2665d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2666d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2667d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2668d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2669d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2670d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2671d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2672d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2673d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2674d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2675d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2676d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2677d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2678d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2679d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2680d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2681d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2682d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2683d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2684d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2685d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2686d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2687d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2688d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2689d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2690d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2691d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2692d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2693d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2694d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2695d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2696d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2697d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2698d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2699d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2700d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2701d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2702d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2703d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2704d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2705d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2706d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2707d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2708d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2709d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2710d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2711d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2712d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2713d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2714d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2715d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2716d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2717d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2718d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2719d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2720d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
2721d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef0b80000 LB 0x008bf000 D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
2722d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
2723d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2724d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef2c80000 LB 0x00057000 D:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
2725d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2726d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2727d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef2c10000 LB 0x00034000 D:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
2728d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2729d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0b80000 'D:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
2730d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2731d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2732d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2733d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2734d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef16c0000 'D:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
2735d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2736d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2737d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2738d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2739d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c10000 'D:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
2740d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2741d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2742d1c.1014: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\setupapi.dll'
2743d1c.1014: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2744d1c.1014: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2745d1c.1014: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2746d1c.1014: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
2747d1c.1014: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2748d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2749d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2750d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2751d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2752d1c.1014: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2753d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2754d1c.1014: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2755d1c.1014: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2756d1c.1014: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2757d1c.1014: supR3HardenedDllNotificationCallback: load 000007fef2b10000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
2758d1c.1014: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2759d1c.1014: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2b10000 'D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
2760d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d20 pwszName=\Device\HarddiskVolume2\Windows\System32\dsound.dll
2761d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2762d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2763d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
2764d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dsound.dll'
2765d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2766d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2767d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2768d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2769d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2770d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
2771d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
2772d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dsound.dll) WinVerifyTrust
2773d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dsound.dll
2774d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
2775d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
2776d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d24 pwszName=\Device\HarddiskVolume2\Windows\System32\powrprof.dll
2777d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2778d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2779d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
2780d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\powrprof.dll'
2781d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2782d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2783d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2784d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2785d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll) WinVerifyTrust
2786d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll
2787d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2788d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2789d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2790d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2791d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2792d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2793d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2794d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2795d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2796d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2797d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2798d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2799d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2800d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2801d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2802d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2803d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2804d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000036182c0:D:\Windows\System32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2805d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
2806d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef2a80000 LB 0x00088000 D:\Windows\System32\dsound.dll [fFlags=0x0]
2807d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
2808d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\powrprof.dll
2809d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefd040000 LB 0x0002c000 D:\Windows\System32\POWRPROF.dll [fFlags=0x0]
2810d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\powrprof.dll
2811d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
2812d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2813d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2a80000 'D:\Windows\System32\dsound.dll'
2814d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2a80000 'D:\Windows\System32\dsound.dll'
2815d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
2816d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32/dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2817d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
2818d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2a80000 'D:\Windows\system32/dsound.dll'
2819d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d28 pwszName=\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2820d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2821d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2822d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
2823d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll'
2824d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2825d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2826d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2827d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2828d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
2829d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) WinVerifyTrust
2830d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2831d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
2832d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
2833d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d4c pwszName=\Device\HarddiskVolume2\Windows\System32\propsys.dll
2834d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2835d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2836d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
2837d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\propsys.dll'
2838d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2839d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2840d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
2841d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
2842d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2843d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2844d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\propsys.dll) WinVerifyTrust
2845d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll
2846d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2847d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2848d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2849d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2850d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2851d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2852d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2853d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2854d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2855d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2856d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2857d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2858d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2859d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2860d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2861d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2862d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000036182c0:D:\Windows\System32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2863d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2864d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefc410000 LB 0x0004b000 D:\Windows\System32\MMDevApi.dll [fFlags=0x0]
2865d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2866d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll
2867d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefc2e0000 LB 0x0012c000 D:\Windows\System32\PROPSYS.dll [fFlags=0x0]
2868d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll
2869d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec90000 'D:\Windows\system32\ADVAPI32.dll'
2870d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc410000 'D:\Windows\System32\MMDevApi.dll'
2871d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
2872d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbf0000 'D:\Windows\system32\SETUPAPI.dll'
2873d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2874d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2875d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefefd0000 'D:\Windows\system32\SHLWAPI.dll'
2876d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2877d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2878d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc410000 'D:\Windows\system32\MMDEVAPI.DLL'
2879d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
2880d1c.1028: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda10000 'D:\Windows\system32\CFGMGR32.dll'
2881d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2882d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2883d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
2884d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2885d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
2886d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2887d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0d0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
2888d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff540000 'D:\Windows\system32\RPCRT4.dll'
2889d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2890d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2891d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc410000 'D:\Windows\system32\MMDevAPI.DLL'
2892d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d74 pwszName=\Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2893d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2894d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2895d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
2896d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wdmaud.drv'
2897d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2898d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2899d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2900d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2901d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2902d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
2903d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
2904d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
2905d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
2906d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) WinVerifyTrust
2907d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2908d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
2909d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
2910d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d78 pwszName=\Device\HarddiskVolume2\Windows\System32\avrt.dll
2911d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2912d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2913d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
2914d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\avrt.dll'
2915d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2916d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) WinVerifyTrust
2917d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
2918d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
2919d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
2920d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2921d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
2922d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
2923d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d94 pwszName=\Device\HarddiskVolume2\Windows\System32\ksuser.dll
2924d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2925d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2926d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EC3873F9ACBE279185D3540F02128F42D21D0856
2927d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ksuser.dll'
2928d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2929d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2930d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) WinVerifyTrust
2931d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
2932d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2933d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2934d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2935d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2936d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2937d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2938d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2939d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2940d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2941d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2942d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2943d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2944d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2945d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2946d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2947d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef5d40000 LB 0x0003b000 D:\Windows\system32\wdmaud.drv [fFlags=0x0]
2948d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2949d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
2950d1c.8f4: supR3HardenedDllNotificationCallback: load 00000000755b0000 LB 0x00006000 D:\Windows\system32\ksuser.dll [fFlags=0x0]
2951d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
2952d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
2953d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefd010000 LB 0x00009000 D:\Windows\system32\AVRT.dll [fFlags=0x0]
2954d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
2955d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
2956d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2957d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2958d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
2959d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2960d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2961d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
2962d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2963d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2964d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
2965d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
2966d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
2967d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
2968d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d88 pwszName=\Device\HarddiskVolume2\Windows\System32\AudioSes.dll
2969d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
2970d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
2971d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1B5BCEE9F60F75E176D19C778D9B6CD5DBEB84BB
2972d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\AudioSes.dll'
2973d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2974d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2975d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2976d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2977d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2978d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2979d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2980d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
2981d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) WinVerifyTrust
2982d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
2983d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
2984d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
2985d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2986d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2987d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2988d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2989d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2990d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2991d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2992d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2993d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2994d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2995d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2996d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2997d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2998d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2999d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3000d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3001d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fefb950000 LB 0x0004f000 D:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
3002d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3003d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb950000 'D:\Windows\system32\AUDIOSES.DLL'
3004d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3005d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3006d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3007d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3008d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3009d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3010d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3011d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3012d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3013d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3014d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3015d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3016d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3017d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3018d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3019d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3020d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3021d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d40000 'D:\Windows\system32\wdmaud.drv'
3022d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db8 pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.drv
3023d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
3024d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
3025d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
3026d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.drv'
3027d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3028d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3029d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3030d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3031d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
3032d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
3033d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) WinVerifyTrust
3034d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3035d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3036d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3037d1c.8f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3038d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3039d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3040d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d6c pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.dll
3041d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
3042d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
3043d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
3044d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.dll'
3045d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3046d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3047d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3048d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
3049d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
3050d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
3051d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) WinVerifyTrust
3052d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3053d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3054d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3055d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3056d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3057d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3058d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3059d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3060d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3061d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3062d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3063d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3064d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3065d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3066d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3067d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3068d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3069d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3070d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3071d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef5a40000 LB 0x0000a000 D:\Windows\system32\msacm32.drv [fFlags=0x0]
3072d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3073d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3074d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef5a20000 LB 0x00018000 D:\Windows\system32\MSACM32.dll [fFlags=0x0]
3075d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3076d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3077d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3078d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3079d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3080d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3081d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3082d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3083d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3084d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3085d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3086d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3087d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3088d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3089d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3090d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3091d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3092d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3093d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3094d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3095d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3096d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3097d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5a40000 'D:\Windows\system32\msacm32.drv'
3098d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dbc pwszName=\Device\HarddiskVolume2\Windows\System32\midimap.dll
3099d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008257f0
3100d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008257f0
3101d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
3102d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\midimap.dll'
3103d1c.8f4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3104d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3105d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
3106d1c.8f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3107d1c.8f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) WinVerifyTrust
3108d1c.8f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
3109d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3110d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3111d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3112d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3113d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3114d1c.8f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3115d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3116d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3117d1c.8f4: supR3HardenedDllNotificationCallback: load 000007fef59b0000 LB 0x00009000 D:\Windows\system32\midimap.dll [fFlags=0x0]
3118d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3119d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef59b0000 'D:\Windows\system32\midimap.dll'
3120d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3121d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3122d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef59b0000 'D:\Windows\system32\midimap.dll'
3123d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3124d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3125d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef59b0000 'D:\Windows\system32\midimap.dll'
3126d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3127d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3128d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef59b0000 'D:\Windows\system32\midimap.dll'
3129d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3130d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3131d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3132d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0f0000 'D:\Windows\system32\ole32.dll'
3133d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3134d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3135d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3136d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3137d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3138d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3139d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3140d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3141d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3142d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3143d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3144d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32/dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3145d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3146d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2a80000 'D:\Windows\system32/dsound.dll'
3147d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3148d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3149d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3150d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3151d1c.1030: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3152d1c.1030: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000036182c0:D:\Windows\System32;;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3153d1c.1030: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb950000 'D:\Windows\System32\audioses.dll'
3154d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3155d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32/dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3156d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2a80000 'D:\Windows\system32/dsound.dll'
3157d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8af0000 'D:\Windows\system32\winmm.dll'
3158d1c.8f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3159d1c.8f4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4610:D:\Program Files\Oracle\VirtualBox;D:\Windows\system32;D:\Windows\system;D:\Windows;D:\Program Files (x86)\AMD APP\bin\x86_64;D:\Program Files (x86)\AMD APP\bin\x86;D:\Program Files (x86)\Java\jdk1.8.0_51\bin;D:\Windows\system32;D:\Windows;C:\DOS\ARC;D:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;E:\Utils\WinAVR\bin;E:\Utils\WinAVR\utils\bin;D:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static [calling]
3160d1c.8f4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3161d1c.8f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077780000 'D:\Windows\system32/kernel32.dll'
3162d1c.d24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddd0000 'D:\Windows\system32\OLEAUT32.dll'
3163d1c.1014: supR3HardenedDllNotificationCallback: Unload 000007fef2b10000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
3164d1c.1008: supR3HardenedDllNotificationCallback: Unload 000007fef2c50000 LB 0x0000b000 D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
3165d1c.688: supR3HardenedDllNotificationCallback: Unload 000007fef2c60000 LB 0x0000c000 D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
3166d1c.c04: supR3HardenedDllNotificationCallback: Unload 000007fef2c70000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
3167d1c.f10: supR3HardenedDllNotificationCallback: Unload 000007fef3390000 LB 0x0000a000 D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
3168d1c.8f4: supR3HardenedDllNotificationCallback: Unload 000007fef0b80000 LB 0x008bf000 D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
3169d1c.8f4: supR3HardenedDllNotificationCallback: Unload 000007fef2c10000 LB 0x00034000 D:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
3170d1c.8f4: supR3HardenedDllNotificationCallback: Unload 000007fef2c80000 LB 0x00057000 D:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
3171d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef7180000 LB 0x00084000 D:\Windows\system32\netcfgx.dll [flags=0x0]
3172d1c.900: supR3HardenedDllNotificationCallback: Unload 000007feface0000 LB 0x00027000 D:\Windows\system32\IPHLPAPI.DLL [flags=0x0]
3173d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefacc0000 LB 0x0000b000 D:\Windows\system32\WINNSI.DLL [flags=0x0]
3174d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef74f0000 LB 0x000e2000 D:\Windows\system32\wbem\fastprox.dll [flags=0x0]
3175d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef74c0000 LB 0x00027000 D:\Windows\system32\NTDSAPI.dll [flags=0x0]
3176d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef6ea0000 LB 0x00014000 D:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
3177d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fefa250000 LB 0x0000f000 D:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
3178d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef7780000 LB 0x00086000 D:\Windows\system32\wbemcomn.dll [flags=0x0]
3179d1c.900: supR3HardenedDllNotificationCallback: Unload 000007fef16c0000 LB 0x004fe000 D:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
3180d1c.900: Terminating the normal way: rcExit=0
3181d70.d3c: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 93159 ms, the end);
318280c.fc0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 93779 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy