VirtualBox

Ticket #15696: VBoxHardening.log

File VBoxHardening.log, 428.7 KB (added by xonfug, 8 years ago)
Line 
13cc0.4278: Log file opened: 5.1.2r108956 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
23cc0.4278: \SystemRoot\System32\ntdll.dll:
33cc0.4278: CreationTime: 2016-06-14T08:53:53.588979700Z
43cc0.4278: LastWriteTime: 2016-04-09T06:59:27.660769000Z
53cc0.4278: ChangeTime: 2016-06-15T10:09:09.241464800Z
63cc0.4278: FileAttributes: 0x20
73cc0.4278: Size: 0x1a7100
83cc0.4278: NT Headers: 0xe0
93cc0.4278: Timestamp: 0x5708a857
103cc0.4278: Machine: 0x8664 - amd64
113cc0.4278: Timestamp: 0x5708a857
123cc0.4278: Image Version: 6.1
133cc0.4278: SizeOfImage: 0x1aa000 (1744896)
143cc0.4278: Resource Dir: 0x14e000 LB 0x5a028
153cc0.4278: ProductName: Microsoft® Windows® Operating System
163cc0.4278: ProductVersion: 6.1.7601.23418
173cc0.4278: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
183cc0.4278: FileDescription: NT Layer DLL
193cc0.4278: \SystemRoot\System32\kernel32.dll:
203cc0.4278: CreationTime: 2016-06-14T08:53:53.776179700Z
213cc0.4278: LastWriteTime: 2016-04-09T06:57:53.879000000Z
223cc0.4278: ChangeTime: 2016-06-15T10:09:09.709572800Z
233cc0.4278: FileAttributes: 0x20
243cc0.4278: Size: 0x11c000
253cc0.4278: NT Headers: 0xe0
263cc0.4278: Timestamp: 0x5708a89b
273cc0.4278: Machine: 0x8664 - amd64
283cc0.4278: Timestamp: 0x5708a89b
293cc0.4278: Image Version: 6.1
303cc0.4278: SizeOfImage: 0x11f000 (1175552)
313cc0.4278: Resource Dir: 0x116000 LB 0x528
323cc0.4278: ProductName: Microsoft® Windows® Operating System
333cc0.4278: ProductVersion: 6.1.7601.23418
343cc0.4278: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
353cc0.4278: FileDescription: Windows NT BASE API Client DLL
363cc0.4278: \SystemRoot\System32\KernelBase.dll:
373cc0.4278: CreationTime: 2016-06-14T08:53:54.790179700Z
383cc0.4278: LastWriteTime: 2016-04-09T06:57:53.879000000Z
393cc0.4278: ChangeTime: 2016-06-15T10:09:09.725176400Z
403cc0.4278: FileAttributes: 0x20
413cc0.4278: Size: 0x66800
423cc0.4278: NT Headers: 0xe8
433cc0.4278: Timestamp: 0x5708a89c
443cc0.4278: Machine: 0x8664 - amd64
453cc0.4278: Timestamp: 0x5708a89c
463cc0.4278: Image Version: 6.1
473cc0.4278: SizeOfImage: 0x6a000 (434176)
483cc0.4278: Resource Dir: 0x68000 LB 0x530
493cc0.4278: ProductName: Microsoft® Windows® Operating System
503cc0.4278: ProductVersion: 6.1.7601.23418
513cc0.4278: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
523cc0.4278: FileDescription: Windows NT BASE API Client DLL
533cc0.4278: \SystemRoot\System32\apisetschema.dll:
543cc0.4278: CreationTime: 2016-06-14T08:53:56.147379700Z
553cc0.4278: LastWriteTime: 2016-04-09T06:57:48.684000000Z
563cc0.4278: ChangeTime: 2016-06-15T10:09:09.147843200Z
573cc0.4278: FileAttributes: 0x20
583cc0.4278: Size: 0x1a00
593cc0.4278: NT Headers: 0xc0
603cc0.4278: Timestamp: 0x5708a835
613cc0.4278: Machine: 0x8664 - amd64
623cc0.4278: Timestamp: 0x5708a835
633cc0.4278: Image Version: 6.1
643cc0.4278: SizeOfImage: 0x50000 (327680)
653cc0.4278: Resource Dir: 0x30000 LB 0x3f8
663cc0.4278: ProductName: Microsoft® Windows® Operating System
673cc0.4278: ProductVersion: 6.1.7601.23418
683cc0.4278: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
693cc0.4278: FileDescription: ApiSet Schema DLL
703cc0.4278: NtOpenDirectoryObject failed on \Driver: 0xc0000022
713cc0.4278: supR3HardenedWinFindAdversaries: 0x20
723cc0.4278: \SystemRoot\System32\drivers\mfeapfk.sys:
733cc0.4278: CreationTime: 2015-11-02T22:09:03.587237100Z
743cc0.4278: LastWriteTime: 2015-11-03T01:50:37.936226400Z
753cc0.4278: ChangeTime: 2015-11-03T01:51:10.150283000Z
763cc0.4278: FileAttributes: 0x20
773cc0.4278: Size: 0x2f000
783cc0.4278: NT Headers: 0xf0
793cc0.4278: Timestamp: 0x54cbd0b9
803cc0.4278: Machine: 0x8664 - amd64
813cc0.4278: Timestamp: 0x54cbd0b9
823cc0.4278: Image Version: 0.0
833cc0.4278: SizeOfImage: 0x2cc80 (183424)
843cc0.4278: Resource Dir: 0x2c480 LB 0x340
853cc0.4278: ProductName: SYSCORE
863cc0.4278: FileVersion: SYSCORE.15.3.0.672
873cc0.4278: PrivateBuild: SYSCORE.15.3.0.672 F16
883cc0.4278: FileDescription: Access Protection Filter Driver
893cc0.4278: \SystemRoot\System32\drivers\mfeavfk.sys:
903cc0.4278: CreationTime: 2015-11-02T22:09:03.446836800Z
913cc0.4278: LastWriteTime: 2015-12-01T08:09:20.208911500Z
923cc0.4278: ChangeTime: 2015-12-01T08:09:20.208911500Z
933cc0.4278: FileAttributes: 0x20
943cc0.4278: Size: 0x54e98
953cc0.4278: NT Headers: 0xf8
963cc0.4278: Timestamp: 0x558ddc3c
973cc0.4278: Machine: 0x8664 - amd64
983cc0.4278: Timestamp: 0x558ddc3c
993cc0.4278: Image Version: 0.0
1003cc0.4278: SizeOfImage: 0x50580 (329088)
1013cc0.4278: Resource Dir: 0x4f700 LB 0x758
1023cc0.4278: ProductName: SYSCORE
1033cc0.4278: ProductVersion: 15.4.0.674
1043cc0.4278: FileVersion: SYSCORE.15.4.0.674
1053cc0.4278: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
1063cc0.4278: FileDescription: Anti-Virus File System Filter Driver
1073cc0.4278: \SystemRoot\System32\drivers\mfefirek.sys:
1083cc0.4278: CreationTime: 2015-11-03T01:49:40.621725700Z
1093cc0.4278: LastWriteTime: 2015-12-01T08:09:20.895201500Z
1103cc0.4278: ChangeTime: 2015-12-01T08:09:20.895201500Z
1113cc0.4278: FileAttributes: 0x20
1123cc0.4278: Size: 0x794f8
1133cc0.4278: NT Headers: 0xe8
1143cc0.4278: Timestamp: 0x558ddc7b
1153cc0.4278: Machine: 0x8664 - amd64
1163cc0.4278: Timestamp: 0x558ddc7b
1173cc0.4278: Image Version: 0.0
1183cc0.4278: SizeOfImage: 0x74880 (477312)
1193cc0.4278: Resource Dir: 0x72000 LB 0x388
1203cc0.4278: ProductName: SYSCORE
1213cc0.4278: ProductVersion: 15.4.0.674
1223cc0.4278: FileVersion: SYSCORE.15.4.0.674
1233cc0.4278: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
1243cc0.4278: FileDescription: McAfee Core Firewall Engine Driver
1253cc0.4278: \SystemRoot\System32\drivers\mfehidk.sys:
1263cc0.4278: CreationTime: 2015-11-02T22:09:01.325233100Z
1273cc0.4278: LastWriteTime: 2015-12-01T08:09:20.318094000Z
1283cc0.4278: ChangeTime: 2015-12-01T08:09:20.318094000Z
1293cc0.4278: FileAttributes: 0x20
1303cc0.4278: Size: 0xd5d98
1313cc0.4278: NT Headers: 0x108
1323cc0.4278: Timestamp: 0x558ddbf8
1333cc0.4278: Machine: 0x8664 - amd64
1343cc0.4278: Timestamp: 0x558ddbf8
1353cc0.4278: Image Version: 0.0
1363cc0.4278: SizeOfImage: 0xd0880 (854144)
1373cc0.4278: Resource Dir: 0xcd980 LB 0x758
1383cc0.4278: ProductName: SYSCORE
1393cc0.4278: ProductVersion: 15.4.0.674
1403cc0.4278: FileVersion: SYSCORE.15.4.0.674
1413cc0.4278: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
1423cc0.4278: FileDescription: McAfee Link Driver
1433cc0.4278: \SystemRoot\System32\drivers\mfewfpk.sys:
1443cc0.4278: CreationTime: 2015-11-02T22:08:51.715616200Z
1453cc0.4278: LastWriteTime: 2015-12-01T08:09:20.474069000Z
1463cc0.4278: ChangeTime: 2015-12-01T08:09:20.474069000Z
1473cc0.4278: FileAttributes: 0x20
1483cc0.4278: Size: 0x54280
1493cc0.4278: NT Headers: 0x100
1503cc0.4278: Timestamp: 0x558ddc06
1513cc0.4278: Machine: 0x8664 - amd64
1523cc0.4278: Timestamp: 0x558ddc06
1533cc0.4278: Image Version: 0.0
1543cc0.4278: SizeOfImage: 0x4f980 (326016)
1553cc0.4278: Resource Dir: 0x4ef00 LB 0x380
1563cc0.4278: ProductName: SYSCORE
1573cc0.4278: ProductVersion: 15.4.0.674
1583cc0.4278: FileVersion: SYSCORE.15.4.0.674
1593cc0.4278: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
1603cc0.4278: FileDescription: Anti-Virus Mini-Firewall Driver
1613cc0.4278: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
1623cc0.4278: Calling main()
1633cc0.4278: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1643cc0.4278: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
1653cc0.4278: SUPR3HardenedMain: Respawn #1
1663cc0.4278: System32: \Device\HarddiskVolume1\Windows\System32
1673cc0.4278: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1683cc0.4278: KnownDllPath: C:\Windows\system32
1693cc0.4278: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1703cc0.4278: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1713cc0.4278: supR3HardNtEnableThreadCreation:
1723cc0.4278: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000777ea0e0 pvNtTerminateThread=000000007780c060
1733cc0.4278: supR3HardenedWinDoReSpawn(1): New child 3bc8.4304 [kernel32].
1743cc0.4278: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380
1753cc0.4278: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000777c0000 uNtDllChildAddr=00000000777c0000
1763cc0.4278: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000777ea0e0
1773cc0.4278: supR3HardenedWinSetupChildInit: Start child.
1783cc0.4278: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1793cc0.4278: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 42 sleeps
1803cc0.4278: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1813cc0.4278: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1823cc0.4278: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1833cc0.4278: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1843cc0.4278: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1853cc0.4278: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1863cc0.4278: 0000000000041000-fffffffffffa1fff 0x0001/0x0000 0x0000000
1873cc0.4278: *00000000000e0000-fffffffffffe3fff 0x0000/0x0004 0x0020000
1883cc0.4278: 00000000001dc000-00000000001d9fff 0x0104/0x0004 0x0020000
1893cc0.4278: 00000000001de000-00000000001dbfff 0x0004/0x0004 0x0020000
1903cc0.4278: 00000000001e0000-ffffffff88bfffff 0x0001/0x0000 0x0000000
1913cc0.4278: *00000000777c0000-00000000777c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1923cc0.4278: 00000000777c1000-00000000778bdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1933cc0.4278: 00000000778be000-00000000778ecfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1943cc0.4278: 00000000778ed000-00000000778f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1953cc0.4278: 00000000778f7000-00000000778f7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1963cc0.4278: 00000000778f8000-00000000778fafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1973cc0.4278: 00000000778fb000-0000000077969fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1983cc0.4278: 000000007796a000-00000000702f3fff 0x0001/0x0000 0x0000000
1993cc0.4278: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2003cc0.4278: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2013cc0.4278: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2023cc0.4278: 000000007fff0000-ffffffffc0f2ffff 0x0001/0x0000 0x0000000
2033cc0.4278: *000000013f0b0000-000000013f0b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2043cc0.4278: 000000013f0b1000-000000013f11ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2053cc0.4278: 000000013f120000-000000013f120fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2063cc0.4278: 000000013f121000-000000013f164fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2073cc0.4278: 000000013f165000-000000013f165fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2083cc0.4278: 000000013f166000-000000013f166fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2093cc0.4278: 000000013f167000-000000013f16bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2103cc0.4278: 000000013f16c000-000000013f16cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2113cc0.4278: 000000013f16d000-000000013f16dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2123cc0.4278: 000000013f16e000-000000013f171fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2133cc0.4278: 000000013f172000-000000013f1b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2143cc0.4278: 000000013f1ba000-fffff8037e893fff 0x0001/0x0000 0x0000000
2153cc0.4278: *000007feffae0000-000007feffae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
2163cc0.4278: 000007feffae1000-000007fdff611fff 0x0001/0x0000 0x0000000
2173cc0.4278: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2183cc0.4278: *000007fffffd3000-000007fffffd1fff 0x0004/0x0004 0x0020000
2193cc0.4278: 000007fffffd4000-000007fffffc9fff 0x0001/0x0000 0x0000000
2203cc0.4278: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2213cc0.4278: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2223cc0.4278: apisetschema.dll: timestamp 0x5708a835 (rc=VINF_SUCCESS)
2233cc0.4278: VirtualBox.exe: timestamp 0x5790f053 (rc=VINF_SUCCESS)
2243cc0.4278: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2253cc0.4278: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
2263cc0.4278: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
2273cc0.4278: supR3HardNtChildPurify: Done after 536 ms and 0 fixes (loop #0).
2283cc0.4278: supR3HardNtEnableThreadCreation:
2293bc8.4304: Log file opened: 5.1.2r108956 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
2303bc8.4304: supR3HardenedVmProcessInit: uNtDllAddr=00000000777c0000 g_uNtVerCombined=0x611db100
2313bc8.4304: ntdll.dll: timestamp 0x5708a857 (rc=VINF_SUCCESS)
2323bc8.4304: New simple heap: #1 00000000002e0000 LB 0x400000 (for 1744896 allocation)
2333bc8.4304: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
2343bc8.4304: System32: \Device\HarddiskVolume1\Windows\System32
2353bc8.4304: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
2363bc8.4304: KnownDllPath: C:\Windows\system32
2373bc8.4304: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2383bc8.4304: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2393bc8.4304: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2403bc8.4304: Registered Dll notification callback with NTDLL.
2413bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
2423bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
2433bc8.4304: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2443bc8.4304: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2453bc8.4304: supR3HardenedDllNotificationCallback: load 00000000775a0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
2463bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2473bc8.4304: supR3HardenedDllNotificationCallback: load 000007fefd540000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
2483bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
2493bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
2503bc8.4304: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775a0000 'C:\Windows\system32\kernel32.dll'
2513bc8.4304: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000777ea0e0 pvNtTerminateThread=000000007780c060
2523cc0.4278: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 23 ms.
2533bc8.4304: \SystemRoot\System32\ntdll.dll:
2543bc8.4304: CreationTime: 2016-06-14T08:53:53.588979700Z
2553bc8.4304: LastWriteTime: 2016-04-09T06:59:27.660769000Z
2563bc8.4304: ChangeTime: 2016-06-15T10:09:09.241464800Z
2573bc8.4304: FileAttributes: 0x20
2583bc8.4304: Size: 0x1a7100
2593bc8.4304: NT Headers: 0xe0
2603bc8.4304: Timestamp: 0x5708a857
2613bc8.4304: Machine: 0x8664 - amd64
2623bc8.4304: Timestamp: 0x5708a857
2633bc8.4304: Image Version: 6.1
2643bc8.4304: SizeOfImage: 0x1aa000 (1744896)
2653bc8.4304: Resource Dir: 0x14e000 LB 0x5a028
2663bc8.4304: ProductName: Microsoft® Windows® Operating System
2673bc8.4304: ProductVersion: 6.1.7601.23418
2683bc8.4304: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
2693bc8.4304: FileDescription: NT Layer DLL
2703bc8.4304: \SystemRoot\System32\kernel32.dll:
2713bc8.4304: CreationTime: 2016-06-14T08:53:53.776179700Z
2723bc8.4304: LastWriteTime: 2016-04-09T06:57:53.879000000Z
2733bc8.4304: ChangeTime: 2016-06-15T10:09:09.709572800Z
2743bc8.4304: FileAttributes: 0x20
2753bc8.4304: Size: 0x11c000
2763bc8.4304: NT Headers: 0xe0
2773bc8.4304: Timestamp: 0x5708a89b
2783bc8.4304: Machine: 0x8664 - amd64
2793bc8.4304: Timestamp: 0x5708a89b
2803bc8.4304: Image Version: 6.1
2813bc8.4304: SizeOfImage: 0x11f000 (1175552)
2823bc8.4304: Resource Dir: 0x116000 LB 0x528
2833bc8.4304: ProductName: Microsoft® Windows® Operating System
2843bc8.4304: ProductVersion: 6.1.7601.23418
2853bc8.4304: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
2863bc8.4304: FileDescription: Windows NT BASE API Client DLL
2873bc8.4304: \SystemRoot\System32\KernelBase.dll:
2883bc8.4304: CreationTime: 2016-06-14T08:53:54.790179700Z
2893bc8.4304: LastWriteTime: 2016-04-09T06:57:53.879000000Z
2903bc8.4304: ChangeTime: 2016-06-15T10:09:09.725176400Z
2913bc8.4304: FileAttributes: 0x20
2923bc8.4304: Size: 0x66800
2933bc8.4304: NT Headers: 0xe8
2943bc8.4304: Timestamp: 0x5708a89c
2953bc8.4304: Machine: 0x8664 - amd64
2963bc8.4304: Timestamp: 0x5708a89c
2973bc8.4304: Image Version: 6.1
2983bc8.4304: SizeOfImage: 0x6a000 (434176)
2993bc8.4304: Resource Dir: 0x68000 LB 0x530
3003bc8.4304: ProductName: Microsoft® Windows® Operating System
3013bc8.4304: ProductVersion: 6.1.7601.23418
3023bc8.4304: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
3033bc8.4304: FileDescription: Windows NT BASE API Client DLL
3043bc8.4304: \SystemRoot\System32\apisetschema.dll:
3053bc8.4304: CreationTime: 2016-06-14T08:53:56.147379700Z
3063bc8.4304: LastWriteTime: 2016-04-09T06:57:48.684000000Z
3073bc8.4304: ChangeTime: 2016-06-15T10:09:09.147843200Z
3083bc8.4304: FileAttributes: 0x20
3093bc8.4304: Size: 0x1a00
3103bc8.4304: NT Headers: 0xc0
3113bc8.4304: Timestamp: 0x5708a835
3123bc8.4304: Machine: 0x8664 - amd64
3133bc8.4304: Timestamp: 0x5708a835
3143bc8.4304: Image Version: 6.1
3153bc8.4304: SizeOfImage: 0x50000 (327680)
3163bc8.4304: Resource Dir: 0x30000 LB 0x3f8
3173bc8.4304: ProductName: Microsoft® Windows® Operating System
3183bc8.4304: ProductVersion: 6.1.7601.23418
3193bc8.4304: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
3203bc8.4304: FileDescription: ApiSet Schema DLL
3213bc8.4304: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3223bc8.4304: supR3HardenedWinFindAdversaries: 0x20
3233bc8.4304: \SystemRoot\System32\drivers\mfeapfk.sys:
3243bc8.4304: CreationTime: 2015-11-02T22:09:03.587237100Z
3253bc8.4304: LastWriteTime: 2015-11-03T01:50:37.936226400Z
3263bc8.4304: ChangeTime: 2015-11-03T01:51:10.150283000Z
3273bc8.4304: FileAttributes: 0x20
3283bc8.4304: Size: 0x2f000
3293bc8.4304: NT Headers: 0xf0
3303bc8.4304: Timestamp: 0x54cbd0b9
3313bc8.4304: Machine: 0x8664 - amd64
3323bc8.4304: Timestamp: 0x54cbd0b9
3333bc8.4304: Image Version: 0.0
3343bc8.4304: SizeOfImage: 0x2cc80 (183424)
3353bc8.4304: Resource Dir: 0x2c480 LB 0x340
3363bc8.4304: ProductName: SYSCORE
3373bc8.4304: FileVersion: SYSCORE.15.3.0.672
3383bc8.4304: PrivateBuild: SYSCORE.15.3.0.672 F16
3393bc8.4304: FileDescription: Access Protection Filter Driver
3403bc8.4304: \SystemRoot\System32\drivers\mfeavfk.sys:
3413bc8.4304: CreationTime: 2015-11-02T22:09:03.446836800Z
3423bc8.4304: LastWriteTime: 2015-12-01T08:09:20.208911500Z
3433bc8.4304: ChangeTime: 2015-12-01T08:09:20.208911500Z
3443bc8.4304: FileAttributes: 0x20
3453bc8.4304: Size: 0x54e98
3463bc8.4304: NT Headers: 0xf8
3473bc8.4304: Timestamp: 0x558ddc3c
3483bc8.4304: Machine: 0x8664 - amd64
3493bc8.4304: Timestamp: 0x558ddc3c
3503bc8.4304: Image Version: 0.0
3513bc8.4304: SizeOfImage: 0x50580 (329088)
3523bc8.4304: Resource Dir: 0x4f700 LB 0x758
3533bc8.4304: ProductName: SYSCORE
3543bc8.4304: ProductVersion: 15.4.0.674
3553bc8.4304: FileVersion: SYSCORE.15.4.0.674
3563bc8.4304: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
3573bc8.4304: FileDescription: Anti-Virus File System Filter Driver
3583bc8.4304: \SystemRoot\System32\drivers\mfefirek.sys:
3593bc8.4304: CreationTime: 2015-11-03T01:49:40.621725700Z
3603bc8.4304: LastWriteTime: 2015-12-01T08:09:20.895201500Z
3613bc8.4304: ChangeTime: 2015-12-01T08:09:20.895201500Z
3623bc8.4304: FileAttributes: 0x20
3633bc8.4304: Size: 0x794f8
3643bc8.4304: NT Headers: 0xe8
3653bc8.4304: Timestamp: 0x558ddc7b
3663bc8.4304: Machine: 0x8664 - amd64
3673bc8.4304: Timestamp: 0x558ddc7b
3683bc8.4304: Image Version: 0.0
3693bc8.4304: SizeOfImage: 0x74880 (477312)
3703bc8.4304: Resource Dir: 0x72000 LB 0x388
3713bc8.4304: ProductName: SYSCORE
3723bc8.4304: ProductVersion: 15.4.0.674
3733bc8.4304: FileVersion: SYSCORE.15.4.0.674
3743bc8.4304: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
3753bc8.4304: FileDescription: McAfee Core Firewall Engine Driver
3763bc8.4304: \SystemRoot\System32\drivers\mfehidk.sys:
3773bc8.4304: CreationTime: 2015-11-02T22:09:01.325233100Z
3783bc8.4304: LastWriteTime: 2015-12-01T08:09:20.318094000Z
3793bc8.4304: ChangeTime: 2015-12-01T08:09:20.318094000Z
3803bc8.4304: FileAttributes: 0x20
3813bc8.4304: Size: 0xd5d98
3823bc8.4304: NT Headers: 0x108
3833bc8.4304: Timestamp: 0x558ddbf8
3843bc8.4304: Machine: 0x8664 - amd64
3853bc8.4304: Timestamp: 0x558ddbf8
3863bc8.4304: Image Version: 0.0
3873bc8.4304: SizeOfImage: 0xd0880 (854144)
3883bc8.4304: Resource Dir: 0xcd980 LB 0x758
3893bc8.4304: ProductName: SYSCORE
3903bc8.4304: ProductVersion: 15.4.0.674
3913bc8.4304: FileVersion: SYSCORE.15.4.0.674
3923bc8.4304: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
3933bc8.4304: FileDescription: McAfee Link Driver
3943bc8.4304: \SystemRoot\System32\drivers\mfewfpk.sys:
3953bc8.4304: CreationTime: 2015-11-02T22:08:51.715616200Z
3963bc8.4304: LastWriteTime: 2015-12-01T08:09:20.474069000Z
3973bc8.4304: ChangeTime: 2015-12-01T08:09:20.474069000Z
3983bc8.4304: FileAttributes: 0x20
3993bc8.4304: Size: 0x54280
4003bc8.4304: NT Headers: 0x100
4013bc8.4304: Timestamp: 0x558ddc06
4023bc8.4304: Machine: 0x8664 - amd64
4033bc8.4304: Timestamp: 0x558ddc06
4043bc8.4304: Image Version: 0.0
4053bc8.4304: SizeOfImage: 0x4f980 (326016)
4063bc8.4304: Resource Dir: 0x4ef00 LB 0x380
4073bc8.4304: ProductName: SYSCORE
4083bc8.4304: ProductVersion: 15.4.0.674
4093bc8.4304: FileVersion: SYSCORE.15.4.0.674
4103bc8.4304: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
4113bc8.4304: FileDescription: Anti-Virus Mini-Firewall Driver
4123bc8.4304: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
4133bc8.4304: Calling main()
4143bc8.4304: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4153bc8.4304: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
4163bc8.4304: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4173bc8.4304: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4183bc8.4304: SUPR3HardenedMain: Respawn #2
4193bc8.4304: supR3HardNtEnableThreadCreation:
4203bc8.4304: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4213bc8.4304: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4223bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
4233bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
4243bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4253bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4263bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
4273bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
4283bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4293bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4303bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
4313bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
4323bc8.4304: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
4333bc8.4304: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4343bc8.4304: supR3HardenedDllNotificationCallback: load 000007fefed10000 LB 0x000db000 C:\Windows\system32\ADVAPI32.DLL [fFlags=0x0]
4353bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4363bc8.4304: supR3HardenedDllNotificationCallback: load 000007feff230000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4373bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4383bc8.4304: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4393bc8.4304: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4403bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
4413bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
4423bc8.4304: supR3HardenedDllNotificationCallback: load 000007feff900000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
4433bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4443bc8.4304: supR3HardenedDllNotificationCallback: load 000007fefead0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4453bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4463bc8.4304: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.DLL'
4473bc8.4304: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
4483bc8.4304: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
4493bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4503bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4513bc8.4304: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4523bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4533bc8.4304: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4543bc8.4304: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4553bc8.4304: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4563bc8.4304: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4573bc8.4304: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
4583bc8.4304: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4593bc8.4304: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3b0000 'C:\Windows\system32\apphelp.dll'
4603bc8.4304: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000777ea0e0 pvNtTerminateThread=000000007780c060
4613bc8.4304: supR3HardenedWinDoReSpawn(2): New child 322c.3bdc [kernel32].
4623bc8.4304: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
4633bc8.4304: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000777c0000 uNtDllChildAddr=00000000777c0000
4643bc8.4304: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000777ea0e0
4653bc8.4304: supR3HardenedWinSetupChildInit: Start child.
4663bc8.4304: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4673bc8.4304: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
4683bc8.4304: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4693bc8.4304: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
4703bc8.4304: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
4713bc8.4304: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
4723bc8.4304: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
4733bc8.4304: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
4743bc8.4304: 0000000000041000-ffffffffffed1fff 0x0001/0x0000 0x0000000
4753bc8.4304: *00000000001b0000-00000000000b3fff 0x0000/0x0004 0x0020000
4763bc8.4304: 00000000002ac000-00000000002a9fff 0x0104/0x0004 0x0020000
4773bc8.4304: 00000000002ae000-00000000002abfff 0x0004/0x0004 0x0020000
4783bc8.4304: 00000000002b0000-ffffffff88d9ffff 0x0001/0x0000 0x0000000
4793bc8.4304: *00000000777c0000-00000000777c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4803bc8.4304: 00000000777c1000-00000000778bdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4813bc8.4304: 00000000778be000-00000000778ecfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4823bc8.4304: 00000000778ed000-00000000778f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4833bc8.4304: 00000000778f7000-00000000778f7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4843bc8.4304: 00000000778f8000-00000000778fafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4853bc8.4304: 00000000778fb000-0000000077969fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
4863bc8.4304: 000000007796a000-00000000702f3fff 0x0001/0x0000 0x0000000
4873bc8.4304: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
4883bc8.4304: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4893bc8.4304: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4903bc8.4304: 000000007fff0000-ffffffffc0f2ffff 0x0001/0x0000 0x0000000
4913bc8.4304: *000000013f0b0000-000000013f0b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4923bc8.4304: 000000013f0b1000-000000013f11ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4933bc8.4304: 000000013f120000-000000013f120fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4943bc8.4304: 000000013f121000-000000013f164fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4953bc8.4304: 000000013f165000-000000013f165fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4963bc8.4304: 000000013f166000-000000013f166fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4973bc8.4304: 000000013f167000-000000013f16bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4983bc8.4304: 000000013f16c000-000000013f16cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
4993bc8.4304: 000000013f16d000-000000013f16dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
5003bc8.4304: 000000013f16e000-000000013f171fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
5013bc8.4304: 000000013f172000-000000013f1b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
5023bc8.4304: 000000013f1ba000-fffff8037e893fff 0x0001/0x0000 0x0000000
5033bc8.4304: *000007feffae0000-000007feffae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
5043bc8.4304: 000007feffae1000-000007fdff611fff 0x0001/0x0000 0x0000000
5053bc8.4304: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
5063bc8.4304: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
5073bc8.4304: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
5083bc8.4304: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
5093bc8.4304: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
5103bc8.4304: apisetschema.dll: timestamp 0x5708a835 (rc=VINF_SUCCESS)
5113bc8.4304: VirtualBox.exe: timestamp 0x5790f053 (rc=VINF_SUCCESS)
5123bc8.4304: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5133bc8.4304: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
5143bc8.4304: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
5153bc8.4304: supR3HardNtChildPurify: Done after 538 ms and 0 fixes (loop #0).
5163bc8.4304: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002e0000 LB 0x400000)
5173bc8.4304: supR3HardNtEnableThreadCreation:
518322c.3bdc: Log file opened: 5.1.2r108956 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
519322c.3bdc: supR3HardenedVmProcessInit: uNtDllAddr=00000000777c0000 g_uNtVerCombined=0x611db100
520322c.3bdc: ntdll.dll: timestamp 0x5708a857 (rc=VINF_SUCCESS)
521322c.3bdc: New simple heap: #1 00000000002b0000 LB 0x400000 (for 1744896 allocation)
522322c.3bdc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
523322c.3bdc: System32: \Device\HarddiskVolume1\Windows\System32
524322c.3bdc: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
525322c.3bdc: KnownDllPath: C:\Windows\system32
526322c.3bdc: supR3HardenedVmProcessInit: Opening vboxdrv...
527322c.3bdc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
528322c.3bdc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
529322c.3bdc: Registered Dll notification callback with NTDLL.
530322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
531322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
532322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
533322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
534322c.3bdc: supR3HardenedDllNotificationCallback: load 00000000775a0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
535322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
536322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd540000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
537322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
538322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
539322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775a0000 'C:\Windows\system32\kernel32.dll'
540322c.3bdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000777ea0e0 pvNtTerminateThread=000000007780c060
5413bc8.4304: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 31 ms.
542322c.3bdc: \SystemRoot\System32\ntdll.dll:
543322c.3bdc: CreationTime: 2016-06-14T08:53:53.588979700Z
544322c.3bdc: LastWriteTime: 2016-04-09T06:59:27.660769000Z
545322c.3bdc: ChangeTime: 2016-06-15T10:09:09.241464800Z
546322c.3bdc: FileAttributes: 0x20
547322c.3bdc: Size: 0x1a7100
548322c.3bdc: NT Headers: 0xe0
549322c.3bdc: Timestamp: 0x5708a857
550322c.3bdc: Machine: 0x8664 - amd64
551322c.3bdc: Timestamp: 0x5708a857
552322c.3bdc: Image Version: 6.1
553322c.3bdc: SizeOfImage: 0x1aa000 (1744896)
554322c.3bdc: Resource Dir: 0x14e000 LB 0x5a028
555322c.3bdc: ProductName: Microsoft® Windows® Operating System
556322c.3bdc: ProductVersion: 6.1.7601.23418
557322c.3bdc: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
558322c.3bdc: FileDescription: NT Layer DLL
559322c.3bdc: \SystemRoot\System32\kernel32.dll:
560322c.3bdc: CreationTime: 2016-06-14T08:53:53.776179700Z
561322c.3bdc: LastWriteTime: 2016-04-09T06:57:53.879000000Z
562322c.3bdc: ChangeTime: 2016-06-15T10:09:09.709572800Z
563322c.3bdc: FileAttributes: 0x20
564322c.3bdc: Size: 0x11c000
565322c.3bdc: NT Headers: 0xe0
566322c.3bdc: Timestamp: 0x5708a89b
567322c.3bdc: Machine: 0x8664 - amd64
568322c.3bdc: Timestamp: 0x5708a89b
569322c.3bdc: Image Version: 6.1
570322c.3bdc: SizeOfImage: 0x11f000 (1175552)
571322c.3bdc: Resource Dir: 0x116000 LB 0x528
572322c.3bdc: ProductName: Microsoft® Windows® Operating System
573322c.3bdc: ProductVersion: 6.1.7601.23418
574322c.3bdc: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
575322c.3bdc: FileDescription: Windows NT BASE API Client DLL
576322c.3bdc: \SystemRoot\System32\KernelBase.dll:
577322c.3bdc: CreationTime: 2016-06-14T08:53:54.790179700Z
578322c.3bdc: LastWriteTime: 2016-04-09T06:57:53.879000000Z
579322c.3bdc: ChangeTime: 2016-06-15T10:09:09.725176400Z
580322c.3bdc: FileAttributes: 0x20
581322c.3bdc: Size: 0x66800
582322c.3bdc: NT Headers: 0xe8
583322c.3bdc: Timestamp: 0x5708a89c
584322c.3bdc: Machine: 0x8664 - amd64
585322c.3bdc: Timestamp: 0x5708a89c
586322c.3bdc: Image Version: 6.1
587322c.3bdc: SizeOfImage: 0x6a000 (434176)
588322c.3bdc: Resource Dir: 0x68000 LB 0x530
589322c.3bdc: ProductName: Microsoft® Windows® Operating System
590322c.3bdc: ProductVersion: 6.1.7601.23418
591322c.3bdc: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
592322c.3bdc: FileDescription: Windows NT BASE API Client DLL
593322c.3bdc: \SystemRoot\System32\apisetschema.dll:
594322c.3bdc: CreationTime: 2016-06-14T08:53:56.147379700Z
595322c.3bdc: LastWriteTime: 2016-04-09T06:57:48.684000000Z
596322c.3bdc: ChangeTime: 2016-06-15T10:09:09.147843200Z
597322c.3bdc: FileAttributes: 0x20
598322c.3bdc: Size: 0x1a00
599322c.3bdc: NT Headers: 0xc0
600322c.3bdc: Timestamp: 0x5708a835
601322c.3bdc: Machine: 0x8664 - amd64
602322c.3bdc: Timestamp: 0x5708a835
603322c.3bdc: Image Version: 6.1
604322c.3bdc: SizeOfImage: 0x50000 (327680)
605322c.3bdc: Resource Dir: 0x30000 LB 0x3f8
606322c.3bdc: ProductName: Microsoft® Windows® Operating System
607322c.3bdc: ProductVersion: 6.1.7601.23418
608322c.3bdc: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
609322c.3bdc: FileDescription: ApiSet Schema DLL
610322c.3bdc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
611322c.3bdc: supR3HardenedWinFindAdversaries: 0x20
612322c.3bdc: \SystemRoot\System32\drivers\mfeapfk.sys:
613322c.3bdc: CreationTime: 2015-11-02T22:09:03.587237100Z
614322c.3bdc: LastWriteTime: 2015-11-03T01:50:37.936226400Z
615322c.3bdc: ChangeTime: 2015-11-03T01:51:10.150283000Z
616322c.3bdc: FileAttributes: 0x20
617322c.3bdc: Size: 0x2f000
618322c.3bdc: NT Headers: 0xf0
619322c.3bdc: Timestamp: 0x54cbd0b9
620322c.3bdc: Machine: 0x8664 - amd64
621322c.3bdc: Timestamp: 0x54cbd0b9
622322c.3bdc: Image Version: 0.0
623322c.3bdc: SizeOfImage: 0x2cc80 (183424)
624322c.3bdc: Resource Dir: 0x2c480 LB 0x340
625322c.3bdc: ProductName: SYSCORE
626322c.3bdc: FileVersion: SYSCORE.15.3.0.672
627322c.3bdc: PrivateBuild: SYSCORE.15.3.0.672 F16
628322c.3bdc: FileDescription: Access Protection Filter Driver
629322c.3bdc: \SystemRoot\System32\drivers\mfeavfk.sys:
630322c.3bdc: CreationTime: 2015-11-02T22:09:03.446836800Z
631322c.3bdc: LastWriteTime: 2015-12-01T08:09:20.208911500Z
632322c.3bdc: ChangeTime: 2015-12-01T08:09:20.208911500Z
633322c.3bdc: FileAttributes: 0x20
634322c.3bdc: Size: 0x54e98
635322c.3bdc: NT Headers: 0xf8
636322c.3bdc: Timestamp: 0x558ddc3c
637322c.3bdc: Machine: 0x8664 - amd64
638322c.3bdc: Timestamp: 0x558ddc3c
639322c.3bdc: Image Version: 0.0
640322c.3bdc: SizeOfImage: 0x50580 (329088)
641322c.3bdc: Resource Dir: 0x4f700 LB 0x758
642322c.3bdc: ProductName: SYSCORE
643322c.3bdc: ProductVersion: 15.4.0.674
644322c.3bdc: FileVersion: SYSCORE.15.4.0.674
645322c.3bdc: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
646322c.3bdc: FileDescription: Anti-Virus File System Filter Driver
647322c.3bdc: \SystemRoot\System32\drivers\mfefirek.sys:
648322c.3bdc: CreationTime: 2015-11-03T01:49:40.621725700Z
649322c.3bdc: LastWriteTime: 2015-12-01T08:09:20.895201500Z
650322c.3bdc: ChangeTime: 2015-12-01T08:09:20.895201500Z
651322c.3bdc: FileAttributes: 0x20
652322c.3bdc: Size: 0x794f8
653322c.3bdc: NT Headers: 0xe8
654322c.3bdc: Timestamp: 0x558ddc7b
655322c.3bdc: Machine: 0x8664 - amd64
656322c.3bdc: Timestamp: 0x558ddc7b
657322c.3bdc: Image Version: 0.0
658322c.3bdc: SizeOfImage: 0x74880 (477312)
659322c.3bdc: Resource Dir: 0x72000 LB 0x388
660322c.3bdc: ProductName: SYSCORE
661322c.3bdc: ProductVersion: 15.4.0.674
662322c.3bdc: FileVersion: SYSCORE.15.4.0.674
663322c.3bdc: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
664322c.3bdc: FileDescription: McAfee Core Firewall Engine Driver
665322c.3bdc: \SystemRoot\System32\drivers\mfehidk.sys:
666322c.3bdc: CreationTime: 2015-11-02T22:09:01.325233100Z
667322c.3bdc: LastWriteTime: 2015-12-01T08:09:20.318094000Z
668322c.3bdc: ChangeTime: 2015-12-01T08:09:20.318094000Z
669322c.3bdc: FileAttributes: 0x20
670322c.3bdc: Size: 0xd5d98
671322c.3bdc: NT Headers: 0x108
672322c.3bdc: Timestamp: 0x558ddbf8
673322c.3bdc: Machine: 0x8664 - amd64
674322c.3bdc: Timestamp: 0x558ddbf8
675322c.3bdc: Image Version: 0.0
676322c.3bdc: SizeOfImage: 0xd0880 (854144)
677322c.3bdc: Resource Dir: 0xcd980 LB 0x758
678322c.3bdc: ProductName: SYSCORE
679322c.3bdc: ProductVersion: 15.4.0.674
680322c.3bdc: FileVersion: SYSCORE.15.4.0.674
681322c.3bdc: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
682322c.3bdc: FileDescription: McAfee Link Driver
683322c.3bdc: \SystemRoot\System32\drivers\mfewfpk.sys:
684322c.3bdc: CreationTime: 2015-11-02T22:08:51.715616200Z
685322c.3bdc: LastWriteTime: 2015-12-01T08:09:20.474069000Z
686322c.3bdc: ChangeTime: 2015-12-01T08:09:20.474069000Z
687322c.3bdc: FileAttributes: 0x20
688322c.3bdc: Size: 0x54280
689322c.3bdc: NT Headers: 0x100
690322c.3bdc: Timestamp: 0x558ddc06
691322c.3bdc: Machine: 0x8664 - amd64
692322c.3bdc: Timestamp: 0x558ddc06
693322c.3bdc: Image Version: 0.0
694322c.3bdc: SizeOfImage: 0x4f980 (326016)
695322c.3bdc: Resource Dir: 0x4ef00 LB 0x380
696322c.3bdc: ProductName: SYSCORE
697322c.3bdc: ProductVersion: 15.4.0.674
698322c.3bdc: FileVersion: SYSCORE.15.4.0.674
699322c.3bdc: PrivateBuild: SYSCORE.15.4.0.674 F17,F18
700322c.3bdc: FileDescription: Anti-Virus Mini-Firewall Driver
701322c.3bdc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
702322c.3bdc: Calling main()
703322c.3bdc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
704322c.3bdc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
705322c.3bdc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
706322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
707322c.3bdc: SUPR3HardenedMain: Final process, opening VBoxDrv...
708322c.3bdc: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002b0000 LB 0x400000)
709322c.3bdc: supR3HardNtEnableThreadCreation:
710322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
711322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
712322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab661:<flags> [calling]
713322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
714322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feee0d0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
715322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
716322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
717322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a8de1:<flags> [calling]
718322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feee0d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
719322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
720322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a8de1:<flags> [calling]
721322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feee0d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
722322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feee0d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
723322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
724322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
725322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
726322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
727322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
728322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
729322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
730322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
731322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
732322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
733322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
734322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
735322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
736322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
737322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
738322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
739322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
740322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
741322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
742322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
743322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
744322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
745322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
746322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
747322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
748322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
749322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
750322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
751322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
752322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
753322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ad471:<flags> [calling]
754322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
755322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd600000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
756322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
757322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff230000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
758322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
759322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd6e0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
760322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
761322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd500000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
762322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
763322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefead0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
764322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
765322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd600000 'C:\Windows\system32\Wintrust.dll'
766322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
767322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
768322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ad471:<flags> [calling]
769322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
770322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefce20000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
771322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
772322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce20000 'C:\Windows\system32\bcrypt.dll'
773322c.3bdc: bcrypt.dll loaded at 000007fefce20000, BCryptOpenAlgorithmProvider at 000007fefce22640, preloading providers:
774322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
775322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
776322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
777322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
778322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
779322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
780322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
781322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
782322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
783322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
784322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
785322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
786322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
787322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
788322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
789322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
790322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
791322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
792322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
793322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ad461:<flags> [calling]
794322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
795322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefc930000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
796322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
797322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefed10000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
798322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
799322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
800322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
801322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
802322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
803322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff900000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
804322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
805322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc930000 'C:\Windows\system32\bcryptprimitives.dll'
806322c.3bdc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000088d460)
807322c.3bdc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000088eb50)
808322c.3bdc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000088f510)
809322c.3bdc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000088f630)
810322c.3bdc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000088f750)
811322c.3bdc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000088f870)
812322c.3bdc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000088fab0)
813322c.3bdc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000088fbd0)
814322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
815322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
816322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
817322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
818322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
819322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
820322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
821322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
822322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acfc1:<flags> [calling]
823322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
824322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefcea0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
825322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
826322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcea0000 'C:\Windows\system32\CRYPTSP.dll'
827322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
828322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
829322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
830322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
831322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
832322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
833322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acf51:<flags> [calling]
834322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
835322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefc9d0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
836322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
837322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9d0000 'C:\Windows\system32\rsaenh.dll'
838322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
839322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac7e1:<flags> [calling]
840322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
841322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
842322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
843322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acb61:<flags> [calling]
844322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
845322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd300000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
846322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
847322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\CRYPTBASE.dll'
848322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
849322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac591:<flags> [calling]
850322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775a0000 'C:\Windows\system32\kernel32.dll'
851322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
852322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acf21:<flags> [calling]
853322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd600000 'C:\Windows\system32\WINTRUST.DLL'
854322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
855322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002acd51:<flags> [calling]
856322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6e0000 'C:\Windows\system32\CRYPT32.dll'
857322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
858322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
859322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
860322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
861322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
862322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
863322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
864322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
865322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
866322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
867322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acda1:<flags> [calling]
868322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
869322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff8e0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
870322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
871322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8e0000 'C:\Windows\system32\imagehlp.dll'
872322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
873322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acef1:<flags> [calling]
874322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcea0000 'C:\Windows\system32\CRYPTSP.dll'
875322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
876322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
877322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
878322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
879322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
880322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
881322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
882322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
883322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
884322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
885322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
886322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
887322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
888322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
889322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
890322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
891322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
892322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
893322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
894322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
895322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
896322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
897322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
898322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
899322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
900322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
901322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
902322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
903322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
904322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
905322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
906322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
907322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
908322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
909322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
910322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
911322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
912322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
913322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
914322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
915322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
916322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aca21:<flags> [calling]
917322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
918322c.3bdc: supR3HardenedDllNotificationCallback: load 00000000776c0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
919322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
920322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff1c0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
921322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
922322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff500000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
923322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
924322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff7e0000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
925322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
926322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
927322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002abf21:<flags> [calling]
928322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
929322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
930322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
931322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
932322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
933322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
934322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
935322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
936322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
937322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
938322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
939322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
940322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
941322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
942322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
943322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
944322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
945322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
946322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
947322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
948322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
949322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
950322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
951322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
952322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
953322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
954322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
955322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
956322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
957322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
958322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
959322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
960322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab861:<flags> [calling]
961322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
962322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff8b0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
963322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
964322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefec00000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
965322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
966322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'C:\Windows\system32\IMM32.DLL'
967322c.3bdc: \Device\HarddiskVolume1\Windows\System32\nvinitx.dll: Owner is administrators group.
968322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
969322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
970322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nvinitx.dll)
971322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nvinitx.dll
972322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
973322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
974322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
975322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
976322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
977322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
978322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab471:<flags> [calling]
979322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
980322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd430000 LB 0x00040000 C:\Windows\system32\nvinitx.dll [fFlags=0x0]
981322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
982322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd430000 'C:\Windows\system32\nvinitx.dll'
983322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000776c0000 'C:\Windows\system32\USER32.dll'
984322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
985322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
986322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
987322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
988322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
989322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
990322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
991322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
992322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
993322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
994322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
995322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
996322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
997322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
998322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acd21:<flags> [calling]
999322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
1000322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefce50000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
1001322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
1002322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce50000 'C:\Windows\system32\ncrypt.dll'
1003322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1004322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002acb11:<flags> [calling]
1005322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce20000 'C:\Windows\system32\bcrypt.dll'
1006322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1007322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1008322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
1009322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
1010322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
1011322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1012322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1013322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1014322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
1015322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
1016322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1017322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1018322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1019322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1020322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1021322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1022322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1023322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1024322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1025322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac4d1:<flags> [calling]
1026322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1027322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd860000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
1028322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1029322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd510000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
1030322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1031322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd860000 'C:\Windows\system32\USERENV.dll'
1032322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac231:<flags> [calling]
1033322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1034322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002abe91:<flags> [calling]
1035322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1036322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1037322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab591:<flags> [calling]
1038322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefead0000 'C:\Windows\system32\rpcrt4.dll'
1039322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002abe91:<flags> [calling]
1040322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1041322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1042322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RPCRT4.dll (Input=RPCRT4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac321:<flags> [calling]
1043322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefead0000 'C:\Windows\system32\RPCRT4.dll'
1044322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac321:<flags> [calling]
1045322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1046322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002abfc1:<flags> [calling]
1047322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1048322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac5c1:<flags> [calling]
1049322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1050322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1051322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1052322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
1053322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
1054322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1055322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1056322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1057322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1058322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1059322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1060322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac7f1:<flags> [calling]
1061322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1062322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefc710000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
1063322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1064322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc710000 'C:\Windows\system32\GPAPI.dll'
1065322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac741:<flags> [calling]
1066322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1067322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac721:<flags> [calling]
1068322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-Management-L2-1-0.dll'
1069322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac731:<flags> [calling]
1070322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1071322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1072322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
1073322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
1074322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
1075322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
1076322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
1077322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
1078322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
1079322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1080322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
1081322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
1082322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1083322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1084322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1085322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1086322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1087322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1088322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1089322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1090322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1091322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1092322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1093322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1094322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac211:<flags> [calling]
1095322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1096322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef6ff0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
1097322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1098322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff160000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
1099322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
1100322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1101322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1102322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1103322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1104322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1105322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1106322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1107322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1108322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1109322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1110322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1111322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1112322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1113322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1114322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1115322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1116322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=00000000002ab441:<flags> [calling]
1117322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1118322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1119322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1120322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1121322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1122322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1123322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1124322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1125322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1126322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1127322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1128322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1129322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6ff0000 'C:\Windows\system32\cryptnet.dll'
1131322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002abba1:<flags> [calling]
1132322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1133322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1134322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002abba1:<flags> [calling]
1135322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd510000 'C:\Windows\system32\profapi.dll'
1136322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1137322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1138322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1139322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
1140322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
1141322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1142322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1143322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1144322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1145322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1146322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
1147322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1148322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1149322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1150322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab641:<flags> [calling]
1151322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1152322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefea50000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
1153322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1154322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea50000 'C:\Windows\system32\SHLWAPI.dll'
1155322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1156322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000002913da0
1157322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1158322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B2074603B390BFFDF065F1D99436E162DA01247
1159322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac4e1:<flags> [calling]
1160322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1161322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac041:<flags> [calling]
1162322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1163322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac041:<flags> [calling]
1164322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1165322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1166322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac4e1:<flags> [calling]
1167322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
1168322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000002ac491:<flags> [calling]
1169322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1170322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\SystemRoot\System32\ntdll.dll'
1171322c.3bdc: g_pfnWinVerifyTrust=000007fefd601010
1172322c.3bdc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1173322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
1174322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1175322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1176322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B757256DD06374F77FF8DC61E1FEC0E93F3DF2F3
1177322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_192_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
1178322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1179322c.3bdc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
1180322c.3bdc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1181322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
1182322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1183322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1184322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9D66460DAFA96F2CF96829A002753DECB7ED7CF
1185322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
1186322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1187322c.3bdc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
1188322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003c8 pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
1189322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1190322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1191322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1192322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
1193322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1194322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
1195322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003c0 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
1196322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1197322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1198322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1199322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
1200322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1201322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
1202322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003bc pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
1203322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1204322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1205322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2545617940C2A353D1E2B307B3C55DF27B1EEBE9
1206322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
1207322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1208322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
1209322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000002ec pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
1210322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1211322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1212322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EBDAA16C3FD93DFF9C20BA3B2689DFF4C8D31061
1213322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3159398~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
1214322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1215322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
1216322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001dc pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
1217322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1218322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1219322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1220322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
1221322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1222322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
1223322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d8 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
1224322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1225322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1226322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1227322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
1228322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1229322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
1230322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
1231322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1232322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1233322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=70BE8DF8A16BB94EF111539086D4FF1AD2F9302E
1234322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3161561~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
1235322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1236322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
1237322c.3bdc: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
1238322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume1\Windows\System32\nvinitx.dll
1239322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1240322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1241322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C0D2EF1199F6922E255762832EFCD158CB488C63
1242322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem82.CAT'; file='\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
1243322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
1244322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
1245322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
1246322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1247322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1248322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
1249322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
1250322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1251322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
1252322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
1253322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1254322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1255322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1256322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
1257322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1258322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
1259322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
1260322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1261322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1262322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31498ABFB06219E83141E0AA8B2A55C4CECFD033
1263322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
1264322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1265322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
1266322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
1267322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1268322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1269322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B248FC58436AAEFEF00A75FCE0F004E89F8C7F94
1270322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164033~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
1271322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1272322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
1273322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
1274322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1275322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1276322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C26B6C5525D45228994D185B3C08A3BC03FF6AFF
1277322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164035~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
1278322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1279322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
1280322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
1281322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1282322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1283322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=94AFB7B548C6C2376C6AEE4ECE2FA09C90F5FD4B
1284322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
1285322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1286322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
1287322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
1288322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1289322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1290322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
1291322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
1292322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1293322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
1294322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000134 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
1295322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1296322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1297322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2FBDB2BE50EFD6099E890F4DD263A53B8B2EE30E
1298322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3161561~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
1299322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1300322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
1301322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
1302322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
1303322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1304322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1305322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
1306322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
1307322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1308322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
1309322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
1310322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1311322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1312322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1313322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
1314322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1315322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
1316322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
1317322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1318322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1319322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=39D43404454E9187689A82DF7C071193F419224E
1320322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_150_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
1321322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1322322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
1323322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
1324322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
1325322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1326322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1327322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1328322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
1329322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1330322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
1331322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
1332322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1333322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1334322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
1335322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
1336322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1337322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
1338322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
1339322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1340322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1341322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1342322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
1343322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1344322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
1345322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
1346322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1347322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1348322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6F54D373BC118C6B384E74714832EFD4D9FBAA12
1349322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3161561~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
1350322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1351322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
1352322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1353322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
1354322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1355322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1356322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7692F3D670BDC0FC9E32BAA19C7AB6DDD55F2067
1357322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
1358322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1359322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
1360322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
1361322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1362322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1363322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CD16A55718A266ABD00ED5A81A94217318BED5ED
1364322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
1365322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1366322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
1367322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
1368322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002abf91:<flags> [calling]
1369322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6e0000 'C:\Windows\system32\crypt32.dll'
1370322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x543e660e717dca00 CN=ABB-WLAN-CA
1371322c.3bdc: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA-1
1372322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1373322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1374322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1375322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1376322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1377322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1a7ec5a18768ae00 CN=wiproabb.aptean.com
1378322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1379322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1380322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1381322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe0249b57ec7fbc00 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication EV RootCA1
1382322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xee325335cd8dba00 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2007
1383322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4a25c87eb933b700 C=RO, O=certSIGN, OU=certSIGN ROOT CA
1384322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3703c8da1585b000 C=FI, ST=Finland, O=Vaestorekisterikeskus CA, OU=Certification Authority Services, OU=Varmennepalvelut, CN=VRK Gov. Root CA
1385322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8b062bb556fcc300 C=FR, O=Certeurope, OU=0002 434202180, CN=Certeurope Root CA 2
1386322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x977025a7d23db100 C=UY, O=ADMINISTRACION NACIONAL DE CORREOS, OU=SERVICIOS ELECTRONICOS, CN=Correo Uruguayo - Root CA
1387322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x15941d5f68b5c600 CN=ComSign Secured CA, O=ComSign, C=IL
1388322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa12b07674f1bf600 C=US, O=AffirmTrust, CN=AffirmTrust Commercial
1389322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x57b18dfb583fb8cd C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3
1390322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x75a2ccecb8259a00 C=TW, O=Government Root Certification Authority
1391322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3c0043239a65bd00 C=FR, O=Certplus, CN=Class 3TS Primary CA
1392322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
1393322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1394322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa5c88c0a3eb7ab00 CN=TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı, C=TR, L=Ankara, O=TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007
1395322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4701de45a311b800 C=NL, O=Digidentity B.V., CN=Digidentity L3 Root CA - G2
1396322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd66525adaaa600 C=JP, O=Japanese Government, OU=GPKI, CN=ApplicationCA2 Root
1397322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
1398322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x49dccfc3945cd200 C=GB, O=Trustis Limited, OU=Trustis EVS Root CA
1399322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xeb7a1ac4eef2cd00 C=HU, L=Budapest, O=NetLock Kft., OU=Tanúsítványkiadók (Certification Services), CN=NetLock Platina (Class Platinum) Főtanúsítvány
1400322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x788c2b5ac673bf00 C=CN, O=CFCA GT CA
1401322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8fe279bdb46fee00 C=US, O=Wells Fargo WellsSecure, OU=Wells Fargo Bank NA, CN=WellsSecure Public Root Certificate Authority
1402322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ea572f1df7c400 C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root EV CA 2
1403322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe0c6a3a05515a600 C=US, O=GeoTrust Inc., CN=GeoTrust Universal CA
1404322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1f3f10cd6b5dd700 C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT
1405322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc7d32b6954e4f000 CN=ComSign CA, O=ComSign, C=IL
1406322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1407322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x760668e19592ff00 CN=ACEDICOM Root, OU=PKI, O=EDICOM, C=ES
1408322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe8493f8d937dad00 C=TR, O=Elektronik Bilgi Guvenligi A.S., CN=E-GUVEN Kok Elektronik Sertifika Hizmet Saglayicisi S2
1409322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
1410322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1411322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xaafa7abb99ab000 O=Cisco Systems, CN=Cisco Root CA 2048
1412322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1413322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1414322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
1415322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5eb09e2012c300 C=TR, O=Elektronik Bilgi Guvenligi A.S., CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
1416322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb798ed29328b700 CN=Autoridad de Certificacion Raiz del Estado Venezolano, C=VE, L=Caracas, ST=Distrito Capital, O=Sistema Nacional de Certificacion Electronica, OU=Superintendencia de Servicios de Certificacion Electronica, Email=acraiz@suscerte.gob.ve
1417322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x38b3b5303d1acd00 C=GR, O=Athens Exchange S.A., CN=ATHEX Root CA
1418322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe35016950adaa500 C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA
1419322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1420322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x72b9f9f128f2be00 C=DE, O=DATEV eG, CN=CA DATEV BT 01
1421322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
1422322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x41fe5fa9df12c400 C=US, O=AffirmTrust, CN=AffirmTrust Premium
1423322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x266e9b638ffac00 C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1
1424322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xafc0be88bdf2a800 DC=rs, DC=posta, DC=ca, CN=Configuration, CN=Services, CN=Public Key Services, CN=AIA, CN=Posta CA Root
1425322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1426322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1427322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3931598f2f47ac00 C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA
1428322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd94cd06e3094b700 C=FR, O=Certplus, CN=Class 3 Primary CA
1429322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf08242cb8436b500 C=CZ, CN=I.CA - Qualified Certification Authority, 09/2009, O=První certifikační autorita, a.s., OU=I.CA - Accredited Provider of Certification Services
1430322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1431322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1432322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
1433322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
1434322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x39889aa748eabf00 C=ES, ST=Barcelona, L=Barcelona (see current address at https://www.anf.es/address/), O=ANF Autoridad de Certificación, OU=ANF Clase 1 CA?
1435322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x48cc53a3896bab00 C=CO, O=Sociedad Cameral de Certificación Digital - Certicámara S.A., CN=AC Raíz Certicámara S.A.
1436322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd71519e43fd5ba00 C=CA, ST=Ontario, L=Toronto, O=Echoworx Corporation, OU=Certification Services, CN=Echoworx Root CA2
1437322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xade42733bd8d9700 C=us, O=U.S. Government, OU=FBCA, CN=Common Policy
1438322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1c29714b0c909400 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA1
1439322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1440322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4bc5e0ecc020c800 C=EE, O=AS Sertifitseerimiskeskus, CN=EE Certification Centre Root CA, Email=pki@sk.ee
1441322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xca22f040a77fb200 C=LU, O=LuxTrust s.a., CN=LuxTrust Global Root
1442322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe0b0c3006b04c400 C=LV, OU=Sertifikacijas pakalpojumu dala, CN=E-ME SSI (RCA)
1443322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x22c0bfed122ca900 C=CH, O=The Federal Authorities of the Swiss Confederation, OU=Services, OU=Certification Authorities, CN=Swiss Government Root CA II
1444322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x292d67d00f91f000 C=ES, O=Agencia Notarial de Certificacion S.L. Unipersonal - CIF B83395988, CN=ANCERT Certificados Notariales
1445322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8a0b90e1e0a8700 C=IN, O=India PKI, CN=CCA India 2011
1446322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xea33d3c14ab5d900 C=DE, ST=Baden-Wuerttemberg (BW), L=Stuttgart, O=Deutscher Sparkassen Verlag GmbH, CN=S-TRUST Authentication and Encryption Root CA 2005:PN
1447322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1448322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6e864c7a8071ba00 C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM
1449322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x923c3ab73579a1d0 C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC
1450322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbab415bd1e249800 C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority
1451322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x85d60900c4a3a200 C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2
1452322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1453322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8c3756f8425c300 C=US, O=Wells Fargo WellsSecure, OU=Wells Fargo Bank NA, CN=WellsSecure Public Root Certification Authority 01 G2
1454322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x20a3c30cad008000 C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=DNIE, CN=AC RAIZ DNIE
1455322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1456322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb5e231b8cb64a900 C=PL, O=Telekomunikacja Polska S.A., OU=Signet Certification Authority, CN=Signet Root CA
1457322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf7c33b7ebfec9b00 C=SI, O=POSTA, OU=POSTArCA
1458322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1459322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xab7df2a48539b200 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email
1460322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb3d6d6c9f168c800 C=FR, O=Dhimyotis, CN=Certigna
1461322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1462322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfbf8ea8e6b96ca00 C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068
1463322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xeb1d2a732928b200 CN=ComSign Global Root CA, O=ComSign Ltd., C=IL
1464322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1465322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf44cbb0f8c74bc00 C=HU, ST=Hungary, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado
1466322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x67db7cef8732e500 C=DE, O=DATEV eG, CN=CA DATEV STD 02
1467322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6a4c39c4152dd100 C=CZ, CN=I.CA - Standard root certificate, O=Prvni certifikacni autorita a.s.
1468322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbf168afe877852f1 C=US, O=thawte, Inc., OU=(c) 2007 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G2
1469322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdf103d404d3cef00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA 2
1470322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x40e7dd0ea446ba00 C=BR, O=ICP-Brasil, OU=Instituto Nacional de Tecnologia da Informacao - ITI, CN=Autoridade Certificadora Raiz Brasileira v2
1471322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1472322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x177a8452aab3d500 C=BE, O=Certipost s.a./n.v., CN=Certipost E-Trust Primary Normalised CA
1473322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x449f1b13efa09400 C=CH, O=SwissSign AG, CN=SwissSign Platinum Root CA - G3
1474322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x862f01f4720ec800 C=CH, O=The Federal Authorities of the Swiss Confederation, OU=Services, OU=Certification Authorities, CN=Swiss Government Root CA I
1475322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x363f522f28e7d900 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2
1476322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xda5f1cc8fc5ca000 C=CZ, O=Česká pošta, s.p. [IČ 47114983], CN=PostSignum Root QCA 2
1477322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdff6d845073c8b00 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 CA 1
1478322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2f371157ab2ac600 C=ES, O=Generalitat Valenciana, OU=PKIGVA, CN=Root CA Generalitat Valenciana
1479322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd41691e475fb8515 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority
1480322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xada18517b3fdc600 C=FR, O=KEYNECTIS, OU=ROOT, CN=KEYNECTIS ROOT CA
1481322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3178d37f87f1c400 C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2
1482322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4eb5e1975b7c500 C=my, O=TM, OU=TM Applied Business Certification Authority, CN=TM Applied Business Root Certificate
1483322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1484322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x87b3c722f299c800 C=LT, O=VI Registru Centras - I.k. 124110246, OU=Registru Centro Sertifikavimo Centras, CN=VI Registru Centras RCSC (RootCA)
1485322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2fba703484f19900 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009
1486322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x68dbf810c635b900 C=JP, O=LGPKI, OU=Application CA G2
1487322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x94b9196cd23ff000 C=DE, O=DATEV eG, CN=CA DATEV INT 02
1488322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x974a61bfaba99b00 CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES
1489322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
1490322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1491322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x52273f34861cc300 C=IT, L=Milano, O=Actalis S.p.A./03358520967, CN=Actalis Authentication CA G1
1492322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xebbf1d700c008a00 C=US, O=Verizon Business, OU=OmniRoot, CN=Verizon Global Root CA
1493322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x94fb3f125608a800 C=CZ, CN=I.CA - Standard Certification Authority, 09/2009, O=První certifikační autorita, a.s., OU=I.CA - Provider of Certification Services
1494322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5a341635fb75d800 C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA
1495322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1496322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x236696801e5e9900 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA3
1497322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa398dcf778c3aa00 C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R1
1498322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xef62113787ebace5 C=US, O=GeoTrust Inc., OU=(c) 2007 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G2
1499322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7c71e6059b87be00 C=CH, O=SwissSign AG, CN=SwissSign Silver Root CA - G3
1500322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1501322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6a3ad06184a0ee00 CN=EBG Elektronik Sertifika Hizmet Sağlayıcısı, O=EBG Bilişim Teknolojileri ve Hizmetleri A.Ş., C=TR
1502322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xad77733ff735d300 C=CN, O=CNNIC, CN=CNNIC ROOT
1503322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdaad63f38ff8e900 C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, Email=info@e-szigno.hu
1504322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1505322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1506322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1507322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3b756388ea46ee60 C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 1 Public Primary Certification Authority - G4
1508322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbe8f77488550e400 C=AU, O=GOV, OU=DoD, OU=PKI, OU=CAs, CN=ADOCA02
1509322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7d2686ca075db300 C=CN, O=UniTrust, CN=UCA Root
1510322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5784013b5c9c9d00 CN=ComSign Advanced Security CA
1511322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5c39bb51bbe0b400 C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Class 3 CA, CN=TC TrustCenter Class 3 CA II
1512322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x80932303749f217 C=SI, O=Halcom, CN=Halcom CA PO 2
1513322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8b7607cf260bd500 C=si, O=state-institutions, OU=sigov-ca
1514322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8f874e74e06da700 C=JP, O=Japanese Government, OU=ApplicationCA
1515322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x23f085ee57b2b400 C=ES, O=Consejo General de la Abogacia NIF:Q-2863006I, CN=Autoridad de Certificacion de la Abogacia
1516322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x831827e970529d00 C=ES, O=Agencia Notarial de Certificacion S.L.U. - CIF B83395988, CN=ANCERT Certificados CGN V2
1517322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5534b165029017e7 C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
1518322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7052e7f4a064c100
1519322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
1520322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x81a1442a1fc49700 CN=Autoridad Certificadora Raíz Nacional de Uruguay, O=AGESIC, C=UY
1521322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x802b3770cb00af00 C=EU, L=Madrid (see current address at www.camerfirma.com/address)
1522322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe6519d844e429500 C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root CA 2
1523322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc9b005046ffea100 C=KR, O=Government of Korea, OU=GPKI, CN=GPKIRootCA1
1524322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1525322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa09adb78d220ae00 C=BE, O=Certipost s.a./n.v., CN=Certipost E-Trust Primary Qualified CA
1526322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1527322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
1528322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
1529322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xce3493bee81cce00 C=BR, O=ICP-Brasil, OU=Instituto Nacional de Tecnologia da Informacao - ITI, CN=Autoridade Certificadora Raiz Brasileira v1
1530322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa16e1e56de57af00 C=US, O=VISA, OU=Visa International Service Association, CN=Visa eCommerce Root
1531322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2a6a1dc6b9e6b200 C=ES, O=Agencia Notarial de Certificacion S.L.U. - CIF B83395988, CN=ANCERT Certificados Notariales V2
1532322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x185da5e55536b700 C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Chambers of Commerce Root
1533322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd919515ec7f4b500 C=TR, O=Elektronik Bilgi Guvenligi A.S., CN=E-GUVEN Kok Elektronik Sertifika Hizmet Saglayicisi S3
1534322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca999312534d200 C=CH, O=admin, OU=Services, OU=Certification Authorities, CN=AdminCA-CD-T01
1535322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x25debfb1cdcddc00 CN=AC1 RAIZ MTIN
1536322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xaec72ec8296bc300 C=FR, O=Certplus, CN=Class 1 Primary CA
1537322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa4031c19392e9f0e OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign
1538322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x88db8dee0f25e100 C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority
1539322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfaccd3ef7cba514a C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 2 Public Primary Certification Authority - G4
1540322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf274f0a48808ab00 C=CZ, CN=I.CA - Qualified root certificate, O=První certifikační autorita, a.s.
1541322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1542322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1543322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdb2cd5c20d0aaf00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 2 Public Primary Certification Authority - G3
1544322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6429d974d78ea400 C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 CA 1
1545322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x33c562d0d11fb200 C=FR, ST=France, L=Paris, O=PM/SGDN, OU=DCSSI, CN=IGC/A, Email=igca@sgdn.pm.gouv.fr
1546322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1547322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x665014bdbcc8f800 O=Cybertrust, Inc, CN=Cybertrust Global Root
1548322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
1549322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xbbd90ca8b0b9d000 C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root CA 1
1550322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5536e4a191fbb300 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Network Applications
1551322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1552322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5153f7daa1499900 C=DK, O=TRUST2408, CN=TRUST2408 OCES Primary CA
1553322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x19c084be4feaba00 C=LT, O=Skaitmeninio sertifikavimo centras, OU=Certification Authority, CN=SSC Root CA A
1554322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x92d01fe10011c900 C=US, O=VISA, OU=Visa International Service Association, CN=Visa Information Delivery Root CA
1555322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3eaa756fe759c500 C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden Root CA - G2
1556322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x363d9b00b34fcb00 C=CH, O=WISeKey, OU=Copyright (c) 2005, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GA CA
1557322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
1558322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
1559322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc672382f6ee021a1 C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Public Primary Certification Authority - G4
1560322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8aca89ee6edc000 C=SE, O=Inera AB, CN=SITHS Root CA v1
1561322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf8dae202a2dfca00 C=CH, O=SwissSign AG, CN=SwissSign Platinum CA - G2
1562322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7637cbb5cf9ce200 C=SG, O=Netrust Certificate Authority 1, OU=Netrust CA1
1563322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2262f09375bd00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3
1564322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x75f4feca85b98900 C=SI, O=Halcom, CN=Halcom Root CA
1565322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfe74e9a1fda3c000 C=DE, O=DATEV eG, CN=CA DATEV INT 01
1566322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1e5105933ff5e200 C=TR, L=Ankara, O=E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş., OU=E-Tugra Sertifikasyon Merkezi, CN=E-Tugra Certification Authority
1567322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x99a96449d739c700 C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 1 Public Primary Certification Authority - G6
1568322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1569322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x783bbdee737e9b00 C=CN, O=China Internet Network Information Center, CN=China Internet Network Information Center EV Certificates Root
1570322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1571322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x615eae439978de00 C=US, ST=MN, L=Minneapolis, O=Open Access Technology International Inc, CN=OATI WebCARES Root CA
1572322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9b3ae4d356dfc000 C=EU, L=Madrid (see current address at www.camerfirma.com/address)
1573322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x69785d02da6eb500 C=ES, O=IZENPE S.A. - CIF A-01337260-RMerc.Vitoria-Gasteiz T1055 F62 S8, L=Avda del Mediterraneo Etorbidea 3 - 01010 Vitoria-Gasteiz, CN=Izenpe.com, Email=Info@izenpe.com
1574322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf8491584e4cdb300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 2 CA 2007
1575322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA
1576322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xea8e67100ecbb300 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3
1577322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1578322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfe3e3d933619ad3f C=ES, O=FNMT, OU=FNMT Clase 2 CA
1579322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe05fe608c95b000 C=IL, O=PersonalID Ltd., OU=Certificate Services, CN=PersonalID Trustworthy RootCA 2011
1580322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa321f027ebbec200 O=TeliaSonera, CN=TeliaSonera Root CA v1
1581322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xcfd21c88249eb300 C=AT, O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH, OU=A-Trust-Qual-03, CN=A-Trust-Qual-03
1582322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8563c805e9cccd00 C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 2 Public Primary Certification Authority - G6
1583322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd607333e36718100 Email=pki@sk.ee, C=EE, O=AS Sertifitseerimiskeskus, CN=Juur-SK
1584322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdc94c92cf53db900 C=US, O=Digital Signature Trust, OU=DST ACES, CN=DST ACES CA X6
1585322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4e5147f555f3c100 C=LT, O=Skaitmeninio sertifikavimo centras, OU=Certification Authority, CN=SSC Root CA B
1586322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x64acc0b265e5b000 C=si, O=state-institutions, OU=sigen-ca
1587322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1588322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5901ca5aa77fd00 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA11
1589322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd0353b9e7b50c500 C=GB, O=Trustis Limited, OU=Trustis FPS Root CA
1590322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x556cacd82e35af00 C=US, O=SecureTrust Corporation, CN=Secure Global CA
1591322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x99f15213ef3bc100 CN=Autoridad de Certificacion Raiz del Estado Venezolano, C=VE, L=Caracas, ST=Distrito Capital, O=Sistema Nacional de Certificacion Electronica, OU=Superintendencia de Servicios de Certificacion Electronica, Email=acraiz@suscerte.gob.ve
1592322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe4dba5da41bbe600 C=DE, O=DATEV eG, CN=CA DATEV BT 02
1593322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
1594322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa9c86e43a2efdb00 C=PT, O=SCEE, CN=ECRaizEstado
1595322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf0ca9d354a179000 C=FI, O=Sonera, CN=Sonera Class2 CA
1596322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf23ec9c15254b300 C=US, O=GeoTrust Inc., CN=GeoTrust Universal CA 2
1597322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1598322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1599322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7052e7f4a064c100 L=Alvaro Obregon, ST=Distrito Federal, C=MX?
1600322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe8985fec4712d200 C=AT, L=Vienna, ST=Austria, O=ARGE DATEN - Austrian Society for Data Protection, OU=GLOBALTRUST Certification Service, CN=GLOBALTRUST, Email=info@globaltrust.info
1601322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xae429fd0a270a200 C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Global Chambersign Root
1602322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1e150ab191dca400 C=ZA, O=LAWtrust, OU=LAW Trusted Third Party Services PTY Ltd., CN=LAWtrust Root Certification Authority 2048
1603322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1604322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x20b7075b3689b600 C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
1605322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xac1e0fca7ad3c900 C=ES, O=IZENPE S.A., CN=Izenpe.com
1606322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xafe3d3869f859d00 C=FR, O=Certinomis, OU=0002 433998903, CN=Certinomis - Autorité Racine
1607322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3b2a6f973b859500 CN=Atos TrustedRoot 2011, O=Atos, C=DE
1608322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1609322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfd887dc131f69200 C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig
1610322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b2e1733cc84b400 C=US, O=AffirmTrust, CN=AffirmTrust Networking
1611322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x4297e24fc722b300 C=ES, O=Agencia Catalana de Certificacio (NIF Q-0801176-I), OU=Serveis Publics de Certificacio, OU=Vegeu https://www.catcert.net/verarrel (c)03, OU=Jerarquia Entitats de Certificacio Catalanes, CN=EC-ACC
1612322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1613322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9abc4dfab20eb700 C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Public Primary Certification Authority - G6
1614322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfe221444afe0cb00 C=ch, O=admin, OU=Services, OU=Certification Authorities, CN=Admin-Root-CA
1615322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdd80d271558fb700 O=RSA Security Inc, OU=RSA Security 2048 V3
1616322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
1617322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa9cc8cfa2245a100 C=LT, O=Skaitmeninio sertifikavimo centras, OU=Certification Authority, CN=SSC Root CA C
1618322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
1619322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xcd7b81d500c8ed00 C=HU, L=Budapest, O=Microsec Ltd., OU=e-Szigno CA, CN=Microsec e-Szigno Root CA
1620322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
1621322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x419b60ebff37ab00 C=FR, O=Certplus, CN=Class 3P Primary CA
1622322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb8ce920e1b50ac00 C=ES, O=Colegio de Registradores de la Propiedad y Mercantiles de España, OU=Certificado Propio, CN=Registradores de España - CA Raíz
1623322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x665f55ebd06ce27b C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1
1624322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa7f9b4b9d484dd00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 1 Public Primary Certification Authority - G3
1625322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xe69c54164257cc00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3
1626322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
1627322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e98e1050bea000 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3
1628322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3a8810ff4b6d8a00 C=TR, L=Gebze - Kocaeli, O=Türkiye Bilimsel ve Teknolojik Araştırma Kurumu - TÜBİTAK, OU=Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü - UEKAE, OU=Kamu Sertifikasyon Merkezi, CN=TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3
1629322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9830119f287caa00 C=FR, O=ANSSI, OU=0002 130007669, CN=IGC/A AC racine Etat francais
1630322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7f2bd4d15bd9c500 C=SE, O=Carelink, CN=SITHS CA v3
1631322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xfa20c4eccee39700 C=DE, O=DATEV eG, CN=CA DATEV STD 01
1632322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1633322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd5f715744f1cca00 C=SE, O=Swedish Social Insurance Agency, CN=Swedish Government Root Authority v1
1634322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xcaac0c3f3f759000 C=ES, O=Agencia Notarial de Certificacion S.L. Unipersonal - CIF B83395988, CN=ANCERT Certificados CGN
1635322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x817a1151b5d29800 C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden Root CA
1636322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xeb8adc879521a200 C=ES, O=Agencia Notarial de Certificacion S.L. Unipersonal - CIF B83395988, CN=ANCERT Corporaciones de Derecho Publico
1637322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf63f5006e5b3da00 C=CN, O=UniTrust, CN=UCA Global Root
1638322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9d5a65c89fe8c300 C=CH, O=SwissSign AG, CN=SwissSign Gold Root CA - G3
1639322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1640322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2f5561fdf9b89b00 C=LV, O=VAS Latvijas Pasts - Vien.reg.Nr.40003052790, OU=Sertifikacijas pakalpojumi, CN=VAS Latvijas Pasts SSI(RCA)
1641322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1642322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa674f2b1f89b500 C=FI, O=Sonera, CN=Sonera Class1 CA
1643322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5dcc74a787f8b600 C=MO, O=Macao Post, CN=Macao Post eSignTrust Root Certification Authority (G02)
1644322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x6d4bbe735e24c400 C=HU, L=Budapest, O=NetLock Kft., OU=Tanúsítványkiadók (Certification Services), CN=NetLock Arany (Class Gold) Főtanúsítvány
1645322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1646322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf1fbd6404bd4a500 C=BE, O=Certipost s.a./n.v., CN=Certipost E-Trust TOP Root CA
1647322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
1648322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x407c0c3d7576bf00 C=SI, O=ACNLB
1649322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9de5960126a3bc00 C=SI, O=Halcom, CN=Halcom CA FO
1650322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1651322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1652322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf03913fae404bc00 C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 1
1653322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd43dd8b22552c700 C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado, Email=info@netlock.hu
1654322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0xdf603f23927b9600 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA2
1655322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1656322c.3bdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8a0334de2158bb00 DC=COM, DC=ABB, O=ABB, CN=ABB Root CA
1657322c.3bdc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=286
1658322c.3bdc: SUPR3HardenedMain: Load Runtime...
1659322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1660322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1661322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1662322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1663322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1664322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1665322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1666322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1667322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
1668322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1669322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1670322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1671322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1672322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1673322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=901DCB8172024F14E25295BF5692180F12FC8C18
1674322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
1675322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1676322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1677322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1678322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1679322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
1680322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1681322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1682322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1683322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1684322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1685322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1686322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1687322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1688322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1689322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1690322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1691322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1692322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1693322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1694322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1695322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000498 pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
1696322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1697322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1698322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1699322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
1700322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1701322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
1702322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
1703322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1704322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1705322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1706322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1707322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
1708322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac2b1:<flags> [calling]
1709322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1710322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fedf0c0000 LB 0x00519000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1711322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1712322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1713322c.3bdc: supR3HardenedDllNotificationCallback: load 0000000079190000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1714322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1715322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1716322c.3bdc: supR3HardenedDllNotificationCallback: load 0000000004ba0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1717322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1718322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feffa80000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1719322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1720322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefea40000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1721322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
1722322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1723322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1724322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1725322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1726322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1727322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1728322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1729322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1730322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1731322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1732322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1733322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1734322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1735322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1736322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1737322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1738322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1739322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1740322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1741322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1742322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1743322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1744322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1745322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1746322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1747322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1748322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1749322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1750322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1751322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1752322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1753322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1754322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1755322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1756322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1757322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1758322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1759322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1760322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1761322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1762322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1763322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1764322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1765322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1766322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a99f1:<flags> [calling]
1767322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1768322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1769322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1770322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf0c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1771322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
1772322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ade11:<flags> [calling]
1773322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd600000 'C:\Windows\system32\Wintrust.dll'
1774322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
1775322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac971:<flags> [calling]
1776322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6e0000 'C:\Windows\system32\crypt32.dll'
1777322c.3bdc: SUPR3HardenedMain: Load TrustedMain...
1778322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1779322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1780322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1781322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1782322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1783322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
1784322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
1785322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
1786322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1787322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1788322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1789322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1790322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1791322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1792322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
1793322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
1794322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
1795322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1796322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1797322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
1798322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1799322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1800322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1801322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
1802322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1803322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1804322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1805322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
1806322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
1807322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1808322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1809322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1810322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1811322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1812322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C3BC5EE6972BF0BFEF4A099CB82428B9B682CAD7
1813322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3139940~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
1814322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1815322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1816322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1817322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1818322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1819322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1820322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll) WinVerifyTrust
1821322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1822322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1823322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1824322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e4 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
1825322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1826322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1827322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=796B1965C19A0614793EA3630408324B2CFA32D2
1828322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3146706~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
1829322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1830322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1831322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1832322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1833322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1834322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ole32.dll) WinVerifyTrust
1835322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
1836322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1837322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1838322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f4 pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
1839322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1840322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1841322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B025664F7212FCAD9B2E5AA335933CE9991F602E
1842322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
1843322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1844322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1845322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1846322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1847322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1848322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
1849322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
1850322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1851322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1852322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1853322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1854322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1855322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1856322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1857322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1858322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1859322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1860322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1861322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1862322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1863322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
1864322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
1865322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1866322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1867322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
1868322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1869322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1870322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1871322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
1872322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
1873322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
1874322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
1875322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1876322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1877322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1878322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1879322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1880322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1881322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1882322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1883322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1884322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1885322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1886322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1887322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1888322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1889322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1890322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1891322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp100.dll'.
1892322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1893322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
1894322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1895322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1896322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1897322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1898322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1899322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1900322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1901322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1902322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1903322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1904322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1905322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
1906322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1907322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1908322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1909322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1910322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1911322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1912322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1913322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1914322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1915322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1916322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1917322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e8 pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
1918322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1919322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1920322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1921322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
1922322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1923322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1924322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1925322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1926322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1927322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1928322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1929322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
1930322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1931322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1932322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1933322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1934322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1935322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
1936322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1937322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1938322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1939322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
1940322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1941322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1942322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1943322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1944322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1945322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1946322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1947322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
1948322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
1949322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1950322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1951322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004fc pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
1952322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1953322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1954322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1955322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
1956322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1957322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1958322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1959322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1960322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
1961322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
1962322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1963322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1964322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
1965322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1966322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1967322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1968322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1969322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1970322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1971322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1972322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1973322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1974322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1975322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1976322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1977322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1978322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume1\Windows\System32\mpr.dll
1979322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
1980322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
1981322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
1982322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\mpr.dll'
1983322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1984322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mpr.dll) WinVerifyTrust
1985322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mpr.dll
1986322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1987322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1988322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1989322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1990322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1991322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1992322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1993322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1994322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1995322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1996322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1997322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1998322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1999322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2000322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2001322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
2002322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2003322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2004322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
2005322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2006322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2007322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2008322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2009322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2010322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2011322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2012322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2013322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2014322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
2015322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2016322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2017322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
2018322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2019322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2020322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2021322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2022322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2023322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2024322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2025322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2026322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2027322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2028322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2029322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2030322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2031322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2032322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2033322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
2034322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
2035322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
2036322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b8 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
2037322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2038322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2039322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
2040322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
2041322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2042322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2043322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
2044322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2045322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
2046322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
2047322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2048322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
2049322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
2050322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
2051322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
2052322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000051c pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
2053322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2054322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2055322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
2056322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
2057322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2058322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2059322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
2060322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2061322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
2062322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
2063322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2064322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2065322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2066322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2067322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2068322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2069322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
2070322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
2071322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
2072322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2073322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2074322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2075322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2076322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2077322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2078322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2079322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2080322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2081322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2082322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2083322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2084322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
2085322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
2086322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
2087322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2088322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2089322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2090322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2091322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
2092322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2093322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2094322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
2095322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2096322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2097322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2098322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2099322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2100322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2101322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2102322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2103322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2104322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2105322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2106322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2107322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2108322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2109322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2110322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2111322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2112322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2113322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2114322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2115322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2116322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2117322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2118322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2119322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2120322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2121322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2122322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2123322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2124322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2125322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2126322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2127322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2128322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2129322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
2130322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
2131322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000540 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
2132322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2133322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2134322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
2135322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
2136322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2137322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2138322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2139322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2140322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
2141322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
2142322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2143322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2144322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
2145322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2146322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2147322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2148322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2149322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
2150322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2151322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2152322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2153322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2154322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2155322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2156322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
2157322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2158322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2159322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
2160322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
2161322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000052c pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
2162322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2163322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2164322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
2165322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
2166322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2167322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2168322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2169322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2170322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
2171322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
2172322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2173322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2174322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000054c pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
2175322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2176322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2177322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
2178322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
2179322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2180322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
2181322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
2182322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
2183322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2184322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
2185322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
2186322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
2187322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll) WinVerifyTrust
2188322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
2189322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2190322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2191322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
2192322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
2193322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000530 pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
2194322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2195322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2196322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EB130FE5667C75A1CCDD15015B9391131942AA9
2197322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164033~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
2198322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2199322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2200322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
2201322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2202322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
2203322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
2204322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2205322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2206322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2207322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2208322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2209322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2210322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2211322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2212322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2213322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2214322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
2215322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
2216322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000538 pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
2217322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2218322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2219322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
2220322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
2221322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2222322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2223322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
2224322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\devobj.dll) WinVerifyTrust
2225322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
2226322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2227322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2228322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2229322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2230322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2231322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2232322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2233322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2234322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2235322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2236322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2237322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2238322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2239322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000558 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
2240322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2241322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2242322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
2243322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
2244322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2245322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2246322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2247322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2248322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll) WinVerifyTrust
2249322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
2250322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2251322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2252322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2253322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2254322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2255322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2256322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2257322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2258322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2259322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2260322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2261322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2262322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2263322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2264322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2265322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2266322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2267322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2268322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2269322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2270322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
2271322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2272322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2273322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ac2c1:<flags> [calling]
2274322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
2275322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fede7e0000 LB 0x008de000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
2276322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
2277322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
2278322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fee8710000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
2279322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
2280322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
2281322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fee86e0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
2282322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
2283322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
2284322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fee85e0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
2285322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
2286322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
2287322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fee85d0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
2288322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
2289322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefdad0000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
2290322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
2291322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd5c0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
2292322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
2293322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff920000 LB 0x000d8000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
2294322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2295322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
2296322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2297322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd880000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
2298322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\devobj.dll
2299322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
2300322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefafa0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
2301322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
2302322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2303322c.3bdc: supR3HardenedDllNotificationCallback: load 00000000664c0000 LB 0x00553000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
2304322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2305322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefdcb0000 LB 0x00d8a000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
2306322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2307322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
2308322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feeff10000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
2309322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
2310322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2311322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fede230000 LB 0x005a1000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
2312322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2313322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
2314322c.3bdc: supR3HardenedDllNotificationCallback: load 00000000645c0000 LB 0x0054f000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
2315322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
2316322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
2317322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feed060000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
2318322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
2319322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
2320322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefc0c0000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
2321322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
2322322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff0c0000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
2323322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
2324322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2325322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2326322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2327322c.3bdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
2328322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
2329322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef6670000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
2330322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
2331322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
2332322c.3bdc: supR3HardenedDllNotificationCallback: load 00000000628e0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
2333322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
2334322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
2335322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef9c40000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
2336322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
2337322c.3bdc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
2338322c.3bdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
2339322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
2340322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2341322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2342322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2343322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2344322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2345322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2346322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ab891:<flags> [calling]
2347322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'C:\Windows\system32\imm32.dll'
2348322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.DLL'
2349322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
2350322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2351322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\cryptbase.dll'
2352322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede7e0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
2353322c.3bdc: SUPR3HardenedMain: Calling TrustedMain (000007fede7e15f0)...
2354322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2355322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ade51:<flags> [calling]
2356322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
2357322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
2358322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2359322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae671:<flags> [calling]
2360322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\shell32.dll'
2361322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
2362322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'imm32.dll'.
2363322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'winmm.dll'.
2364322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2365322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
2366322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2367322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
2368322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
2369322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2370322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2371322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2372322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2373322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2374322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2375322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2376322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2377322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2378322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2379322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2380322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2381322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2382322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2383322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2384322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2385322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2386322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2387322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2388322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2389322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2390322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2391322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2392322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2393322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2394322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2395322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2396322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
2397322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2398322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2399322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
2400322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2401322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2402322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2403322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae801:<flags> [calling]
2404322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2405322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fedf870000 LB 0x00127000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2406322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2407322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf870000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2408322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005f4 pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2409322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2410322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2411322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
2412322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
2413322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2414322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2415322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2416322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2417322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
2418322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2419322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2420322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2421322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2422322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2423322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2424322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2425322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae7f1:<flags> [calling]
2426322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2427322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefb220000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2428322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2429322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb220000 'C:\Windows\system32\uxtheme.dll'
2430322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2431322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae231:<flags> [calling]
2432322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb220000 'C:\Windows\system32\uxtheme.dll'
2433322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2434322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002adfa1:<flags> [calling]
2435322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb220000 'C:\Windows\system32\uxtheme.dll'
2436322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2437322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002adfa1:<flags> [calling]
2438322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb220000 'C:\Windows\system32\uxtheme.dll'
2439322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
2440322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae731:<flags> [calling]
2441322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\CRYPTBASE.dll'
2442322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000776c0000 'C:\Windows\system32\user32.dll'
2443322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2444322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aea41:<flags> [calling]
2445322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\shell32.dll'
2446322c.3bdc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2447322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae921:<flags> [calling]
2448322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2449322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
2450322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002ae0e1:<flags> [calling]
2451322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafa0000 'C:\Windows\system32\dwmapi.dll'
2452322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
2453322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aee61:<flags> [calling]
2454322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
2455322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
2456322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aee61:<flags> [calling]
2457322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
2458322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
2459322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aeeb1:<flags> [calling]
2460322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\shell32.dll'
2461322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
2462322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aee81:<flags> [calling]
2463322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb220000 'C:\Windows\system32\uxtheme.dll'
2464322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
2465322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aee01:<flags> [calling]
2466322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\advapi32.dll'
2467322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
2468322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aee01:<flags> [calling]
2469322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd860000 'C:\Windows\system32\userenv.dll'
2470322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
2471322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aeee1:<flags> [calling]
2472322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775a0000 'C:\Windows\system32\kernel32.dll'
2473322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000614 pwszName=\Device\HarddiskVolume1\Windows\System32\clbcatq.dll
2474322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2475322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2476322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
2477322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\clbcatq.dll'
2478322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2479322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2480322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2481322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2482322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2483322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2484322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2485322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll) WinVerifyTrust
2486322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
2487322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2488322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2489322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2490322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2491322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2492322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2493322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2494322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2495322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2496322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
2497322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2498322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2499322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2500322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2501322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2502322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
2503322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002abc71:<flags> [calling]
2504322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
2505322c.3bdc: supR3HardenedDllNotificationCallback: load 000007feff460000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
2506322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
2507322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff460000 'C:\Windows\system32\CLBCatQ.DLL'
2508322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
2509322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
2510322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aaa61:<flags> [calling]
2511322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcea0000 'C:\Windows\system32\CRYPTSP.dll'
2512322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000630 pwszName=\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
2513322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2514322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2515322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
2516322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll'
2517322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2518322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2519322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
2520322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
2521322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2522322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2523322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa631:<flags> [calling]
2524322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
2525322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd410000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
2526322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
2527322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd410000 'C:\Windows\system32\RpcRtRemote.dll'
2528322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2529322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2530322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2531322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2532322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2533322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2534322c.728: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2535322c.728: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
2536322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2537322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2538322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2539322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2540322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2541322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2542322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2543322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2544322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2545322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2546322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2547322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2548322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
2549322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2550322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2551322c.728: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000066fe6b1:<flags> [calling]
2552322c.728: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
2553322c.728: supR3HardenedDllNotificationCallback: load 000007feddd20000 LB 0x00501000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2554322c.728: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
2555322c.728: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feddd20000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2556322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2557322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2558322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2559322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2560322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2561322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2562322c.728: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2563322c.728: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2564322c.728: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2565322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2566322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2567322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
2568322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2569322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2570322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2571322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2572322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2573322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
2574322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2575322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2576322c.728: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
2577322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2578322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2579322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2580322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2581322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2582322c.728: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2583322c.728: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000066fd1a1:<flags> [calling]
2584322c.728: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2585322c.728: supR3HardenedDllNotificationCallback: load 000007fedf740000 LB 0x000b5000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2586322c.728: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2587322c.728: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf740000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2588322c.728: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2589322c.728: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000066fd021:<flags> [calling]
2590322c.728: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff920000 'C:\Windows\system32\oleaut32.dll'
2591322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
2592322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
2593322c.39dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2594322c.39dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2595322c.39dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
2596322c.39dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2597322c.39dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2598322c.39dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2599322c.39dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2600322c.39dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2601322c.39dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000619a281:<flags> [calling]
2602322c.39dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2603322c.39dc: supR3HardenedDllNotificationCallback: load 000007feeced0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
2604322c.39dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2605322c.39dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeced0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL'
2606322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\shell32.dll'
2607322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.DLL'
2608322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000960 pwszName=\Device\HarddiskVolume1\Windows\System32\apphelp.dll
2609322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2610322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2611322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
2612322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\apphelp.dll'
2613322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2614322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll) WinVerifyTrust
2615322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2616322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2617322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2618322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2619322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2620322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3b0000 'C:\Windows\system32\apphelp.dll'
2621322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
2622322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
2623322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\shell32.dll'
2624322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
2625322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
2626322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a7e51:<flags> [calling]
2627322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff920000 'C:\Windows\system32\OLEAUT32.dll'
2628322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000998 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
2629322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2630322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2631322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
2632322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll'
2633322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2634322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2635322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
2636322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2637322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2638322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
2639322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2640322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2641322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
2642322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2643322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2644322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
2645322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2646322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2647322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2648322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2649322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2650322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2651322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2652322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2653322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000099c pwszName=\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
2654322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2655322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2656322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
2657322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll'
2658322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2659322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2660322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2661322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2662322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2663322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2664322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll) WinVerifyTrust
2665322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
2666322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2667322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2668322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2669322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2670322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
2671322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2672322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2673322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2674322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2675322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2676322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2677322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2678322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2679322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a6771:<flags> [calling]
2680322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
2681322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef64e0000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2682322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
2683322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
2684322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef3db0000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
2685322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
2686322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef64e0000 'C:\Windows\system32\wbem\wbemprox.dll'
2687322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009c4 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
2688322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2689322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2690322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
2691322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll'
2692322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2693322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2694322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2695322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2696322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
2697322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2698322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2699322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2700322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2701322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a6331:<flags> [calling]
2702322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
2703322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef0d70000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2704322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
2705322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wbem\wbemsvc.dll'
2706322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009bc pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
2707322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2708322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2709322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
2710322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll'
2711322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2712322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2713322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
2714322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2715322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2716322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2717322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
2718322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2719322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
2720322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
2721322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
2722322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009d0 pwszName=\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
2723322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2724322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2725322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
2726322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll'
2727322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2728322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2729322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2730322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
2731322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll) WinVerifyTrust
2732322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
2733322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2734322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2735322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2736322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2737322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2738322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2739322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2740322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2741322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
2742322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2743322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2744322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2745322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2746322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
2747322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2748322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2749322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2750322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2751322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002a6371:<flags> [calling]
2752322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
2753322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef1070000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2754322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
2755322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
2756322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef18e0000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
2757322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
2758322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1070000 'C:\Windows\system32\wbem\fastprox.dll'
2759322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff920000 'C:\Windows\system32\OLEAUT32.dll'
2760322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2761322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2762322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2763322c.24e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2764322c.24e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2765322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2766322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2767322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2768322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2769322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2770322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2771322c.24e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2772322c.24e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
2773322c.24e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
2774322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2775322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2776322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2777322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2778322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2779322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2780322c.24e8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2781322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2782322c.24e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2783322c.24e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000903e961:<flags> [calling]
2784322c.24e8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2785322c.24e8: supR3HardenedDllNotificationCallback: load 000007fedd6d0000 LB 0x00299000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2786322c.24e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2787322c.24e8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
2788322c.24e8: supR3HardenedDllNotificationCallback: load 000000006ec00000 LB 0x0010b000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
2789322c.24e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
2790322c.24e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd6d0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2791322c.12bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2792322c.12bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2793322c.12bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2794322c.12bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2795322c.12bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2796322c.12bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2797322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2798322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2799322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2800322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2801322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2802322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2803322c.12bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2804322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2805322c.12bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2806322c.12bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000930d821:<flags> [calling]
2807322c.12bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2808322c.12bc: supR3HardenedDllNotificationCallback: load 000007fef9710000 LB 0x0000b000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2809322c.12bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2810322c.12bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9710000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2811322c.12bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000776c0000 'C:\Windows\system32\User32.dll'
2812322c.380c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2813322c.380c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2814322c.380c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2815322c.380c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2816322c.380c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2817322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2818322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2819322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2820322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2821322c.380c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
2822322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2823322c.380c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2824322c.380c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
2825322c.380c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009b0d8e1:<flags> [calling]
2826322c.380c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2827322c.380c: supR3HardenedDllNotificationCallback: load 000007fef9590000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2828322c.380c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2829322c.380c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9590000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2830322c.3b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2831322c.3b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2832322c.3b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2833322c.3b4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
2834322c.3b4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2835322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2836322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2837322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2838322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2839322c.3b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
2840322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2841322c.3b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2842322c.3b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009cddcd1:<flags> [calling]
2843322c.3b4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2844322c.3b4c: supR3HardenedDllNotificationCallback: load 000007fef9580000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
2845322c.3b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2846322c.3b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9580000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
2847322c.3b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2848322c.3b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2849322c.3b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2850322c.3b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
2851322c.3b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2852322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2853322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2854322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2855322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2856322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2857322c.3b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2858322c.3b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000a1add11:<flags> [calling]
2859322c.3b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2860322c.3b68: supR3HardenedDllNotificationCallback: load 000007fef9570000 LB 0x0000b000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
2861322c.3b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2862322c.3b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9570000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
2863322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcb0000 'C:\Windows\system32\Shell32.dll'
2864322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000094a77a1:<flags> [calling]
2865322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
2866322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
2867322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094a77e1:<flags> [calling]
2868322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd510000 'C:\Windows\system32\profapi.dll'
2869322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2870322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094a9ad1:<flags> [calling]
2871322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd6d0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2872322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2873322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2874322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2875322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2876322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2877322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
2878322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2879322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2880322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2881322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2882322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2883322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2884322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2885322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2886322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2887322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2888322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2889322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094aac81:<flags> [calling]
2890322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2891322c.4130: supR3HardenedDllNotificationCallback: load 000007fef0190000 LB 0x0002d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
2892322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2893322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0190000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
2894322c.4130: supR3HardenedDllNotificationCallback: Unload 000007fef0190000 LB 0x0002d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
2895322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2896322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2897322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2898322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2899322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2900322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2901322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2902322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2903322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2904322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2905322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2906322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
2907322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2908322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2909322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c04 pwszName=\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
2910322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2911322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2912322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
2913322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL'
2914322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2915322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2916322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
2917322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
2918322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
2919322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2920322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
2921322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2922322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2923322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2924322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2925322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
2926322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2927322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2928322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
2929322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2930322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2931322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2932322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2933322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2934322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2935322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2936322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2937322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2938322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2939322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2940322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2941322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2942322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2943322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2944322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2945322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2946322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2947322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2948322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2949322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2950322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2951322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2952322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2953322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2954322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2955322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2956322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2957322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
2958322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2959322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2960322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2961322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2962322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2963322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2964322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2965322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2966322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2967322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2968322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2969322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2970322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
2971322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
2972322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c10 pwszName=\Device\HarddiskVolume1\Windows\System32\winnsi.dll
2973322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
2974322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
2975322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
2976322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winnsi.dll'
2977322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2978322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2979322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2980322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
2981322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winnsi.dll) WinVerifyTrust
2982322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winnsi.dll
2983322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2984322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2985322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
2986322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2987322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2988322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2989322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2990322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
2991322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2992322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2993322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2994322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2995322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adb21:<flags> [calling]
2996322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
2997322c.4130: supR3HardenedDllNotificationCallback: load 000007feda0f0000 LB 0x008c4000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
2998322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
2999322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3000322c.4130: supR3HardenedDllNotificationCallback: load 000007feecee0000 LB 0x00057000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3001322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3002322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3003322c.4130: supR3HardenedDllNotificationCallback: load 000007fef0160000 LB 0x0005c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3004322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3005322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
3006322c.4130: supR3HardenedDllNotificationCallback: load 000007fefc5f0000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
3007322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
3008322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
3009322c.4130: supR3HardenedDllNotificationCallback: load 000007fefc5e0000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
3010322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
3011322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feda0f0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3012322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3013322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adb21:<flags> [calling]
3014322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3015322c.4130: supR3HardenedDllNotificationCallback: load 000007fef0060000 LB 0x0002d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
3016322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3017322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0060000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
3018322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
3019322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adb21:<flags> [calling]
3020322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feddd20000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3021322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3022322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ada31:<flags> [calling]
3023322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0160000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3024322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3025322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3026322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
3027322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3028322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3029322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3030322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3031322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3032322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ada31:<flags> [calling]
3033322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3034322c.4130: supR3HardenedDllNotificationCallback: load 000007fef0140000 LB 0x0001e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
3035322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3036322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0140000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
3037322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3038322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3039322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
3040322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3041322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3042322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3043322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3044322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3045322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ada31:<flags> [calling]
3046322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3047322c.4130: supR3HardenedDllNotificationCallback: load 000007feef620000 LB 0x00016000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
3048322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3049322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef620000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
3050322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3051322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3052322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
3053322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3054322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3055322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3056322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3057322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3058322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ada31:<flags> [calling]
3059322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3060322c.4130: supR3HardenedDllNotificationCallback: load 000007feef600000 LB 0x00017000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
3061322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3062322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef600000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
3063322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3064322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3065322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
3066322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3067322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3068322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3069322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3070322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3071322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ada31:<flags> [calling]
3072322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3073322c.4130: supR3HardenedDllNotificationCallback: load 000007feee190000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
3074322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3075322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feee190000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
3076322c.318c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3077322c.318c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3078322c.318c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3079322c.318c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3080322c.318c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3081322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3082322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3083322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3084322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3085322c.318c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3086322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3087322c.318c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3088322c.318c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000f58dd61:<flags> [calling]
3089322c.318c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3090322c.318c: supR3HardenedDllNotificationCallback: load 000007feefec0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3091322c.318c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3092322c.318c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefec0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3093322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3094322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae091:<flags> [calling]
3095322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd6d0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3096322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3097322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3098322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3099322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
3100322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
3101322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3102322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3103322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3104322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3105322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3106322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3107322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3108322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3109322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3110322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094af161:<flags> [calling]
3111322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3112322c.4130: supR3HardenedDllNotificationCallback: load 000007feddc10000 LB 0x0008a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
3113322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3114322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feddc10000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
3115322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
3116322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad991:<flags> [calling]
3117322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5f0000 'C:\Windows\system32\Iphlpapi.dll'
3118322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d54 pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
3119322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3120322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3121322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
3122322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll'
3123322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3124322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3125322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
3126322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
3127322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
3128322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll) WinVerifyTrust
3129322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
3130322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3131322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3132322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
3133322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3134322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3135322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
3136322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3137322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3138322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3139322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3140322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094aeb31:<flags> [calling]
3141322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
3142322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9380000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
3143322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
3144322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9380000 'C:\Windows\system32\dhcpcsvc.DLL'
3145322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
3146322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae791:<flags> [calling]
3147322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5f0000 'C:\Windows\system32\IPHLPAPI.DLL'
3148322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d6c pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
3149322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3150322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3151322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B9B444EEE6F858BAE572BDDE53A4FA1A1E7957B
3152322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll'
3153322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3154322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3155322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
3156322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
3157322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll) WinVerifyTrust
3158322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
3159322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3160322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3161322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
3162322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3163322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3164322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3165322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3166322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094aeae1:<flags> [calling]
3167322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
3168322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9360000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
3169322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
3170322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9360000 'C:\Windows\system32\dhcpcsvc6.DLL'
3171322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
3172322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae801:<flags> [calling]
3173322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5f0000 'C:\Windows\system32\IPHLPAPI.DLL'
3174322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000de8 pwszName=\Device\HarddiskVolume1\Windows\System32\dsound.dll
3175322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3176322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3177322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
3178322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\dsound.dll'
3179322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3180322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3181322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3182322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3183322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3184322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
3185322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
3186322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dsound.dll) WinVerifyTrust
3187322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dsound.dll
3188322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
3189322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume1\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
3190322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dec pwszName=\Device\HarddiskVolume1\Windows\System32\powrprof.dll
3191322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3192322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3193322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
3194322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\powrprof.dll'
3195322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3196322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3197322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
3198322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3199322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\powrprof.dll) WinVerifyTrust
3200322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\powrprof.dll
3201322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3202322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3203322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
3204322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3205322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3206322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
3207322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3208322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3209322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3210322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3211322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3212322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3213322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3214322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3215322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
3216322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3217322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3218322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3219322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3220322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad981:<flags> [calling]
3221322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3222322c.4130: supR3HardenedDllNotificationCallback: load 000007fee5e60000 LB 0x00088000 C:\Windows\System32\dsound.dll [fFlags=0x0]
3223322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3224322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
3225322c.4130: supR3HardenedDllNotificationCallback: load 000007fefc1e0000 LB 0x0002c000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
3226322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
3227322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3228322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094accf1:<flags> [calling]
3229322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5e60000 'C:\Windows\System32\dsound.dll'
3230322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5e60000 'C:\Windows\System32\dsound.dll'
3231322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3232322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad981:<flags> [calling]
3233322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5e60000 'C:\Windows\system32\dsound.dll'
3234322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000df0 pwszName=\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3235322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3236322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3237322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
3238322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll'
3239322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3240322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3241322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3242322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
3243322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
3244322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3245322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3246322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
3247322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume1\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
3248322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e14 pwszName=\Device\HarddiskVolume1\Windows\System32\propsys.dll
3249322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3250322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3251322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
3252322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\propsys.dll'
3253322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3254322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3255322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
3256322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
3257322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3258322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
3259322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\propsys.dll) WinVerifyTrust
3260322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\propsys.dll
3261322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3262322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3263322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3264322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3265322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3266322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3267322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3268322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3269322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3270322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3271322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3272322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3273322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3274322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3275322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3276322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3277322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad401:<flags> [calling]
3278322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3279322c.4130: supR3HardenedDllNotificationCallback: load 000007fefbc50000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
3280322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3281322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
3282322c.4130: supR3HardenedDllNotificationCallback: load 000007fefb9f0000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
3283322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
3284322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\ADVAPI32.dll'
3285322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc50000 'C:\Windows\System32\MMDevApi.dll'
3286322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
3287322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
3288322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad711:<flags> [calling]
3289322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\SETUPAPI.dll'
3290322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
3291322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae581:<flags> [calling]
3292322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea50000 'C:\Windows\system32\SHLWAPI.dll'
3293322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3294322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae7a1:<flags> [calling]
3295322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc50000 'C:\Windows\system32\MMDEVAPI.DLL'
3296322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
3297322c.2218: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
3298322c.2218: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000019e5f511:<flags> [calling]
3299322c.2218: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\Windows\system32\CFGMGR32.dll'
3300322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
3301322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae3d1:<flags> [calling]
3302322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3303322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000094ae231:<flags> [calling]
3304322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-Management-L1-1-0.dll'
3305322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000094ae231:<flags> [calling]
3306322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff900000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
3307322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefead0000 'C:\Windows\system32\RPCRT4.dll'
3308322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3309322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae291:<flags> [calling]
3310322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc50000 'C:\Windows\system32\MMDevAPI.DLL'
3311322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e4c pwszName=\Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3312322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3313322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3314322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
3315322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wdmaud.drv'
3316322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3317322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3318322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3319322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3320322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3321322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
3322322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
3323322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
3324322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
3325322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wdmaud.drv) WinVerifyTrust
3326322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3327322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3328322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3329322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e50 pwszName=\Device\HarddiskVolume1\Windows\System32\avrt.dll
3330322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3331322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3332322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
3333322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\avrt.dll'
3334322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3335322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\avrt.dll) WinVerifyTrust
3336322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\avrt.dll
3337322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3338322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3339322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3340322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
3341322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume1\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
3342322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e6c pwszName=\Device\HarddiskVolume1\Windows\System32\ksuser.dll
3343322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3344322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3345322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D99CFB3BFCA1F454FC7109DB98D18923ABBA361
3346322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB3110329~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ksuser.dll'
3347322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3348322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3349322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ksuser.dll) WinVerifyTrust
3350322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ksuser.dll
3351322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3352322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3353322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
3354322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3355322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3356322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3357322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3358322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3359322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3360322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3361322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3362322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3363322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3364322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ade01:<flags> [calling]
3365322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3366322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9c00000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
3367322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3368322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
3369322c.4130: supR3HardenedDllNotificationCallback: load 00000000750c0000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
3370322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
3371322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
3372322c.4130: supR3HardenedDllNotificationCallback: load 000007fefbe20000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
3373322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
3374322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3375322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3376322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ade01:<flags> [calling]
3377322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3378322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3379322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfb1:<flags> [calling]
3380322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3381322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3382322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfb1:<flags> [calling]
3383322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3384322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3385322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfb1:<flags> [calling]
3386322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3387322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e88 pwszName=\Device\HarddiskVolume1\Windows\System32\AudioSes.dll
3388322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3389322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3390322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CFCA643693E82633EB61E3B838F7FBA097082A81
3391322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_114_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\AudioSes.dll'
3392322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3393322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3394322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3395322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3396322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
3397322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3398322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
3399322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
3400322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\AudioSes.dll) WinVerifyTrust
3401322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
3402322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3403322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3404322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3405322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3406322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3407322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3408322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3409322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3410322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3411322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3412322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3413322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3414322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3415322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3416322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3417322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfc1:<flags> [calling]
3418322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
3419322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9ab0000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
3420322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
3421322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ab0000 'C:\Windows\system32\AUDIOSES.DLL'
3422322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3423322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfb1:<flags> [calling]
3424322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3425322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
3426322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adfb1:<flags> [calling]
3427322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3428322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c00000 'C:\Windows\system32\wdmaud.drv'
3429322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e74 pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.drv
3430322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3431322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3432322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
3433322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.drv'
3434322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3435322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3436322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3437322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3438322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
3439322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
3440322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.drv) WinVerifyTrust
3441322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3442322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3443322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3444322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
3445322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3446322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3447322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e78 pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.dll
3448322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3449322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3450322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
3451322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.dll'
3452322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3453322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3454322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3455322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
3456322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
3457322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
3458322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.dll) WinVerifyTrust
3459322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.dll
3460322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3461322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3462322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3463322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3464322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3465322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3466322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3467322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3468322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3469322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3470322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3471322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3472322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3473322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3474322c.4130: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
3475322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3476322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3477322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094addb1:<flags> [calling]
3478322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3479322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9aa0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
3480322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3481322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
3482322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9a80000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
3483322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
3484322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3485322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3486322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3487322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3488322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3489322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3490322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3491322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3492322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3493322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3494322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3495322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3496322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3497322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3498322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3499322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3500322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
3501322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad7b1:<flags> [calling]
3502322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3503322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3504322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3505322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9aa0000 'C:\Windows\system32\msacm32.drv'
3506322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e90 pwszName=\Device\HarddiskVolume1\Windows\System32\midimap.dll
3507322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3508322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3509322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
3510322c.4130: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\midimap.dll'
3511322c.4130: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3512322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3513322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
3514322c.4130: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3515322c.4130: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\midimap.dll) WinVerifyTrust
3516322c.4130: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\midimap.dll
3517322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3518322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3519322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3520322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3521322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3522322c.4130: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3523322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094addb1:<flags> [calling]
3524322c.4130: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
3525322c.4130: supR3HardenedDllNotificationCallback: load 000007fef9a70000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
3526322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
3527322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a70000 'C:\Windows\system32\midimap.dll'
3528322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
3529322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad781:<flags> [calling]
3530322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a70000 'C:\Windows\system32\midimap.dll'
3531322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
3532322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad781:<flags> [calling]
3533322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a70000 'C:\Windows\system32\midimap.dll'
3534322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
3535322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094addb1:<flags> [calling]
3536322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a70000 'C:\Windows\system32\midimap.dll'
3537322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3538322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3539322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3540322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\ole32.dll'
3541322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3542322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
3543322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae3d1:<flags> [calling]
3544322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3545322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3546322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3547322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ad991:<flags> [calling]
3548322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5e60000 'C:\Windows\system32\dsound.dll'
3549322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3550322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3551322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3552322c.3158: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
3553322c.3158: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000001a7ddb41:<flags> [calling]
3554322c.3158: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ab0000 'C:\Windows\System32\audioses.dll'
3555322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
3556322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094adb41:<flags> [calling]
3557322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5e60000 'C:\Windows\system32\dsound.dll'
3558322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\winmm.dll'
3559322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd6d0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3560322c.4130: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
3561322c.4130: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000094ae071:<flags> [calling]
3562322c.4130: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775a0000 'C:\Windows\system32\kernel32.dll'
3563322c.24e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
3564322c.24e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000903fa51:<flags> [calling]
3565322c.24e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff920000 'C:\Windows\system32\OLEAUT32.dll'
3566322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c40000 'C:\Windows\system32\WINMM.dll'
3567322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
3568322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aaac1:<flags> [calling]
3569322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafa0000 'C:\Windows\system32\dwmapi.dll'
3570322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3571322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\opengl32.dll (Input=opengl32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aacc1:<flags> [calling]
3572322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\opengl32.dll'
3573322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3574322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aac51:<flags> [calling]
3575322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3576322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
3577322c.3bdc: \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll: Owner is administrators group.
3578322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001004 pwszName=\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
3579322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3580322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3581322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C4AE76DE01B6E031F4505B85EDBDEDC3BE69E3
3582322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem87.CAT'; file='\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll'
3583322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3584322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
3585322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'igdusc64.dll'.
3586322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'dwmapi.dll'.
3587322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
3588322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
3589322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
3590322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll) WinVerifyTrust
3591322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
3592322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3593322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3594322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3595322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3596322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3597322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3598322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
3599322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
3600322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
3601322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'igdusc64.dll'...
3602322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'igdusc64.dll' -> '\Device\HarddiskVolume1\Windows\System32\igdusc64.dll' [rcNtRedir=0xc0150008]
3603322c.3bdc: \Device\HarddiskVolume1\Windows\System32\igdusc64.dll: Owner is administrators group.
3604322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000100c pwszName=\Device\HarddiskVolume1\Windows\System32\igdusc64.dll
3605322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3606322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3607322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0711E0B732B5631CABF09E521785E8ED6C1467DE
3608322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem87.CAT'; file='\Device\HarddiskVolume1\Windows\System32\igdusc64.dll'
3609322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3610322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\igdusc64.dll) WinVerifyTrust
3611322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
3612322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
3613322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
3614322c.3bdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3615322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig75icd64.dll (Input=ig75icd64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa481:<flags> [calling]
3616322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
3617322c.3bdc: supR3HardenedDllNotificationCallback: load 0000000194fb0000 LB 0x006dc000 C:\Windows\system32\ig75icd64.dll [fFlags=0x0]
3618322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
3619322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
3620322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fef9ea0000 LB 0x00434000 C:\Windows\system32\igdusc64.dll [fFlags=0x0]
3621322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
3622322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
3623322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000194fb0000 'C:\Windows\system32\ig75icd64.dll'
3624322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
3625322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\Windows\system32\gdi32.dll'
3626322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001084 pwszName=\Device\HarddiskVolume1\Windows\System32\version.dll
3627322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3628322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3629322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
3630322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\version.dll'
3631322c.3bdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3632322c.3bdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
3633322c.3bdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\version.dll) WinVerifyTrust
3634322c.3bdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\version.dll
3635322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3636322c.3bdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3637322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa951:<flags> [calling]
3638322c.3bdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
3639322c.3bdc: supR3HardenedDllNotificationCallback: load 000007fefc620000 LB 0x0000c000 C:\Windows\system32\version.dll [fFlags=0x0]
3640322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
3641322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc620000 'C:\Windows\system32\version.dll'
3642322c.3bdc: supR3HardenedDllNotificationCallback: Unload 000007fefc620000 LB 0x0000c000 C:\Windows\system32\version.dll [flags=0x0]
3643322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3644322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aac51:<flags> [calling]
3645322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3646322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3647322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3648322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3649322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3650322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3651322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3652322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
3653322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aabd1:<flags> [calling]
3654322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafa0000 'C:\Windows\system32\dwmapi.dll'
3655322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
3656322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig75icd64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aab31:<flags> [calling]
3657322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000194fb0000 'C:\Windows\system32\ig75icd64.dll'
3658322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3659322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3660322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa9c1:<flags> [calling]
3661322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3662322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3663322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3664322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3665322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3666322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3667322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3668322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3669322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3670322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3671322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3672322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3673322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3674322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3675322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3676322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3677322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3678322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa9c1:<flags> [calling]
3679322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3680322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3681322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3682322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3683322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3684322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3685322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3686322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3687322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3688322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3689322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3690322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3691322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3692322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3693322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3694322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3695322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3696322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3697322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3698322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3699322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3700322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3701322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3702322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3703322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3704322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3705322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3706322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3707322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3708322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3709322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3710322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3711322c.3bdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
3712322c.3bdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000002aa891:<flags> [calling]
3713322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3714322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3715322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3716322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3717322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3718322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3719322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3720322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3721322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3722322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3723322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3724322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3725322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3726322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3727322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3728322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3729322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3730322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3731322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3732322c.3bdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8710000 'C:\Windows\system32\OPENGL32.dll'
3733322c.1ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
3734322c.1ed8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000019745fae1:<flags> [calling]
3735322c.1ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe20000 'C:\Windows\system32\avrt.dll'
3736322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000111c pwszName=\Device\HarddiskVolume1\Windows\System32\mswsock.dll
3737322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3738322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3739322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A0B91C962716871F5DE8282805DA288326E03A9F
3740322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\mswsock.dll'
3741322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3742322c.3a30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3743322c.3a30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3744322c.3a30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3745322c.3a30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
3746322c.3a30: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mswsock.dll) WinVerifyTrust
3747322c.3a30: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mswsock.dll
3748322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3749322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3750322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3751322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3752322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3753322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3754322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3755322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3756322c.3a30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000019a1ee21:<flags> [calling]
3757322c.3a30: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
3758322c.3a30: supR3HardenedDllNotificationCallback: load 000007fefcd80000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
3759322c.3a30: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
3760322c.3a30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd80000 'C:\Windows\system32\mswsock.dll'
3761322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001148 pwszName=\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
3762322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002913da0
3763322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002913da0
3764322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
3765322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL'
3766322c.3a30: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3767322c.3a30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
3768322c.3a30: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL) WinVerifyTrust
3769322c.3a30: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
3770322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3771322c.3a30: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3772322c.3a30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000019a1efc1:<flags> [calling]
3773322c.3a30: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
3774322c.3a30: supR3HardenedDllNotificationCallback: load 000007fefc090000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
3775322c.3a30: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
3776322c.3a30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc090000 'C:\Windows\System32\wshtcpip.dll'
37773bc8.4304: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 54944 ms, the end);
37783cc0.4278: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 55552 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy