VirtualBox

Ticket #16522: VBoxHardening.log

File VBoxHardening.log, 247.4 KB (added by Shahad Al Alam, 8 years ago)
Line 
136c.15f4: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
236c.15f4: \SystemRoot\System32\ntdll.dll:
336c.15f4: CreationTime: 2010-11-21T03:23:51.351694200Z
436c.15f4: LastWriteTime: 2010-11-21T03:23:51.367294200Z
536c.15f4: ChangeTime: 2017-02-19T07:24:34.815745000Z
636c.15f4: FileAttributes: 0x20
736c.15f4: Size: 0x1a6d60
836c.15f4: NT Headers: 0xe0
936c.15f4: Timestamp: 0x4ce7c8f9
1036c.15f4: Machine: 0x8664 - amd64
1136c.15f4: Timestamp: 0x4ce7c8f9
1236c.15f4: Image Version: 6.1
1336c.15f4: SizeOfImage: 0x1a9000 (1740800)
1436c.15f4: Resource Dir: 0x151000 LB 0x560d8
1536c.15f4: ProductName: Microsoft® Windows® Operating System
1636c.15f4: ProductVersion: 6.1.7601.17514
1736c.15f4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
1836c.15f4: FileDescription: NT Layer DLL
1936c.15f4: \SystemRoot\System32\kernel32.dll:
2036c.15f4: CreationTime: 2010-11-21T03:24:07.965723400Z
2136c.15f4: LastWriteTime: 2010-11-21T03:24:07.981323400Z
2236c.15f4: ChangeTime: 2017-02-19T07:24:20.760120300Z
2336c.15f4: FileAttributes: 0x20
2436c.15f4: Size: 0x11b800
2536c.15f4: NT Headers: 0xe8
2636c.15f4: Timestamp: 0x4ce7c78b
2736c.15f4: Machine: 0x8664 - amd64
2836c.15f4: Timestamp: 0x4ce7c78b
2936c.15f4: Image Version: 6.1
3036c.15f4: SizeOfImage: 0x11f000 (1175552)
3136c.15f4: Resource Dir: 0x116000 LB 0x528
3236c.15f4: ProductName: Microsoft® Windows® Operating System
3336c.15f4: ProductVersion: 6.1.7601.17514
3436c.15f4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
3536c.15f4: FileDescription: Windows NT BASE API Client DLL
3636c.15f4: \SystemRoot\System32\KernelBase.dll:
3736c.15f4: CreationTime: 2010-11-21T03:24:26.217755400Z
3836c.15f4: LastWriteTime: 2010-11-21T03:24:26.248955500Z
3936c.15f4: ChangeTime: 2017-02-19T07:24:20.760120300Z
4036c.15f4: FileAttributes: 0x20
4136c.15f4: Size: 0x66800
4236c.15f4: NT Headers: 0xf0
4336c.15f4: Timestamp: 0x4ce7c78c
4436c.15f4: Machine: 0x8664 - amd64
4536c.15f4: Timestamp: 0x4ce7c78c
4636c.15f4: Image Version: 6.1
4736c.15f4: SizeOfImage: 0x6b000 (438272)
4836c.15f4: Resource Dir: 0x69000 LB 0x530
4936c.15f4: ProductName: Microsoft® Windows® Operating System
5036c.15f4: ProductVersion: 6.1.7601.17514
5136c.15f4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
5236c.15f4: FileDescription: Windows NT BASE API Client DLL
5336c.15f4: \SystemRoot\System32\apisetschema.dll:
5436c.15f4: CreationTime: 2009-07-13T23:18:54.866423200Z
5536c.15f4: LastWriteTime: 2009-07-14T01:24:53.779000000Z
5636c.15f4: ChangeTime: 2017-02-19T07:24:10.152101700Z
5736c.15f4: FileAttributes: 0x20
5836c.15f4: Size: 0x1a00
5936c.15f4: NT Headers: 0xc0
6036c.15f4: Timestamp: 0x4a5bdeab
6136c.15f4: Machine: 0x8664 - amd64
6236c.15f4: Timestamp: 0x4a5bdeab
6336c.15f4: Image Version: 6.1
6436c.15f4: SizeOfImage: 0x50000 (327680)
6536c.15f4: Resource Dir: 0x30000 LB 0x3f0
6636c.15f4: ProductName: Microsoft® Windows® Operating System
6736c.15f4: ProductVersion: 6.1.7600.16385
6836c.15f4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
6936c.15f4: FileDescription: ApiSet Schema DLL
7036c.15f4: supR3HardenedWinFindAdversaries: 0x0
7136c.15f4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7236c.15f4: Calling main()
7336c.15f4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7436c.15f4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7536c.15f4: SUPR3HardenedMain: Respawn #1
7636c.15f4: System32: \Device\HarddiskVolume1\Windows\System32
7736c.15f4: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
7836c.15f4: KnownDllPath: C:\Windows\system32
7936c.15f4: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
8036c.15f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
8136c.15f4: supR3HardNtEnableThreadCreation:
8236c.15f4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076d5c320 pvNtTerminateThread=0000000076d81840
8336c.15f4: supR3HardenedWinDoReSpawn(1): New child 550.16a8 [kernel32].
8436c.15f4: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
8536c.15f4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076d30000 uNtDllChildAddr=0000000076d30000
8636c.15f4: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076d5c320
8736c.15f4: supR3HardenedWinSetupChildInit: Start child.
8836c.15f4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 7 ms.
8936c.15f4: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
9036c.15f4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
9136c.15f4: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
9236c.15f4: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
9336c.15f4: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
9436c.15f4: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
9536c.15f4: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
9636c.15f4: 0000000000041000-fffffffffff11fff 0x0001/0x0000 0x0000000
9736c.15f4: *0000000000170000-0000000000073fff 0x0000/0x0004 0x0020000
9836c.15f4: 000000000026c000-0000000000269fff 0x0104/0x0004 0x0020000
9936c.15f4: 000000000026e000-000000000026bfff 0x0004/0x0004 0x0020000
10036c.15f4: 0000000000270000-ffffffff897affff 0x0001/0x0000 0x0000000
10136c.15f4: *0000000076d30000-0000000076d30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
10236c.15f4: 0000000076d31000-0000000076e32fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
10336c.15f4: 0000000076e33000-0000000076e61fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
10436c.15f4: 0000000076e62000-0000000076e6dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
10536c.15f4: 0000000076e6e000-0000000076ed8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
10636c.15f4: 0000000076ed9000-000000006edd1fff 0x0001/0x0000 0x0000000
10736c.15f4: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
10836c.15f4: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
10936c.15f4: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
11036c.15f4: 000000007fff0000-ffffffffc052ffff 0x0001/0x0000 0x0000000
11136c.15f4: *000000013fab0000-000000013fab0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11236c.15f4: 000000013fab1000-000000013fb1ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11336c.15f4: 000000013fb20000-000000013fb20fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11436c.15f4: 000000013fb21000-000000013fb65fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11536c.15f4: 000000013fb66000-000000013fb66fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11636c.15f4: 000000013fb67000-000000013fb67fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11736c.15f4: 000000013fb68000-000000013fb6cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11836c.15f4: 000000013fb6d000-000000013fb6dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
11936c.15f4: 000000013fb6e000-000000013fb6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
12036c.15f4: 000000013fb6f000-000000013fb72fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
12136c.15f4: 000000013fb73000-000000013fbbafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
12236c.15f4: 000000013fbbb000-fffff80380725fff 0x0001/0x0000 0x0000000
12336c.15f4: *000007feff050000-000007feff050fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
12436c.15f4: 000007feff051000-000007fdfe0f1fff 0x0001/0x0000 0x0000000
12536c.15f4: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
12636c.15f4: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
12736c.15f4: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
12836c.15f4: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
12936c.15f4: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
13036c.15f4: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
13136c.15f4: VirtualBox.exe: timestamp 0x587cf70b (rc=VINF_SUCCESS)
13236c.15f4: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
13336c.15f4: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
13436c.15f4: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
13536c.15f4: supR3HardNtChildPurify: Done after 306 ms and 0 fixes (loop #0).
136550.16a8: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
137550.16a8: supR3HardenedVmProcessInit: uNtDllAddr=0000000076d30000 g_uNtVerCombined=0x611db100
138550.16a8: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
139550.16a8: New simple heap: #1 0000000000270000 LB 0x400000 (for 1740800 allocation)
14036c.15f4: supR3HardNtEnableThreadCreation:
141550.16a8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
142550.16a8: System32: \Device\HarddiskVolume1\Windows\System32
143550.16a8: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
144550.16a8: KnownDllPath: C:\Windows\system32
145550.16a8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
146550.16a8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
147550.16a8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
148550.16a8: Registered Dll notification callback with NTDLL.
149550.16a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
150550.16a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
151550.16a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
152550.16a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
153550.16a8: supR3HardenedDllNotificationCallback: load 0000000076b10000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
154550.16a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
155550.16a8: supR3HardenedDllNotificationCallback: load 000007fefce10000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
156550.16a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
157550.16a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
158550.16a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076b10000 'C:\Windows\system32\kernel32.dll'
159550.16a8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076d5c320 pvNtTerminateThread=0000000076d81840
16036c.15f4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 33 ms.
161550.16a8: \SystemRoot\System32\ntdll.dll:
162550.16a8: CreationTime: 2010-11-21T03:23:51.351694200Z
163550.16a8: LastWriteTime: 2010-11-21T03:23:51.367294200Z
164550.16a8: ChangeTime: 2017-02-19T07:24:34.815745000Z
165550.16a8: FileAttributes: 0x20
166550.16a8: Size: 0x1a6d60
167550.16a8: NT Headers: 0xe0
168550.16a8: Timestamp: 0x4ce7c8f9
169550.16a8: Machine: 0x8664 - amd64
170550.16a8: Timestamp: 0x4ce7c8f9
171550.16a8: Image Version: 6.1
172550.16a8: SizeOfImage: 0x1a9000 (1740800)
173550.16a8: Resource Dir: 0x151000 LB 0x560d8
174550.16a8: ProductName: Microsoft® Windows® Operating System
175550.16a8: ProductVersion: 6.1.7601.17514
176550.16a8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
177550.16a8: FileDescription: NT Layer DLL
178550.16a8: \SystemRoot\System32\kernel32.dll:
179550.16a8: CreationTime: 2010-11-21T03:24:07.965723400Z
180550.16a8: LastWriteTime: 2010-11-21T03:24:07.981323400Z
181550.16a8: ChangeTime: 2017-02-19T07:24:20.760120300Z
182550.16a8: FileAttributes: 0x20
183550.16a8: Size: 0x11b800
184550.16a8: NT Headers: 0xe8
185550.16a8: Timestamp: 0x4ce7c78b
186550.16a8: Machine: 0x8664 - amd64
187550.16a8: Timestamp: 0x4ce7c78b
188550.16a8: Image Version: 6.1
189550.16a8: SizeOfImage: 0x11f000 (1175552)
190550.16a8: Resource Dir: 0x116000 LB 0x528
191550.16a8: ProductName: Microsoft® Windows® Operating System
192550.16a8: ProductVersion: 6.1.7601.17514
193550.16a8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
194550.16a8: FileDescription: Windows NT BASE API Client DLL
195550.16a8: \SystemRoot\System32\KernelBase.dll:
196550.16a8: CreationTime: 2010-11-21T03:24:26.217755400Z
197550.16a8: LastWriteTime: 2010-11-21T03:24:26.248955500Z
198550.16a8: ChangeTime: 2017-02-19T07:24:20.760120300Z
199550.16a8: FileAttributes: 0x20
200550.16a8: Size: 0x66800
201550.16a8: NT Headers: 0xf0
202550.16a8: Timestamp: 0x4ce7c78c
203550.16a8: Machine: 0x8664 - amd64
204550.16a8: Timestamp: 0x4ce7c78c
205550.16a8: Image Version: 6.1
206550.16a8: SizeOfImage: 0x6b000 (438272)
207550.16a8: Resource Dir: 0x69000 LB 0x530
208550.16a8: ProductName: Microsoft® Windows® Operating System
209550.16a8: ProductVersion: 6.1.7601.17514
210550.16a8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
211550.16a8: FileDescription: Windows NT BASE API Client DLL
212550.16a8: \SystemRoot\System32\apisetschema.dll:
213550.16a8: CreationTime: 2009-07-13T23:18:54.866423200Z
214550.16a8: LastWriteTime: 2009-07-14T01:24:53.779000000Z
215550.16a8: ChangeTime: 2017-02-19T07:24:10.152101700Z
216550.16a8: FileAttributes: 0x20
217550.16a8: Size: 0x1a00
218550.16a8: NT Headers: 0xc0
219550.16a8: Timestamp: 0x4a5bdeab
220550.16a8: Machine: 0x8664 - amd64
221550.16a8: Timestamp: 0x4a5bdeab
222550.16a8: Image Version: 6.1
223550.16a8: SizeOfImage: 0x50000 (327680)
224550.16a8: Resource Dir: 0x30000 LB 0x3f0
225550.16a8: ProductName: Microsoft® Windows® Operating System
226550.16a8: ProductVersion: 6.1.7600.16385
227550.16a8: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
228550.16a8: FileDescription: ApiSet Schema DLL
229550.16a8: supR3HardenedWinFindAdversaries: 0x0
230550.16a8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
231550.16a8: Calling main()
232550.16a8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
233550.16a8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
234550.16a8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
235550.16a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
236550.16a8: SUPR3HardenedMain: Respawn #2
237550.16a8: supR3HardNtEnableThreadCreation:
238550.16a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
239550.16a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
240550.16a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
241550.16a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
242550.16a8: supR3HardenedDllNotificationCallback: load 000007fefcb50000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
243550.16a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
244550.16a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb50000 'C:\Windows\system32\apphelp.dll'
245550.16a8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076d5c320 pvNtTerminateThread=0000000076d81840
246550.16a8: supR3HardenedWinDoReSpawn(2): New child bd0.fdc [kernel32].
247550.16a8: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
248550.16a8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076d30000 uNtDllChildAddr=0000000076d30000
249550.16a8: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076d5c320
250550.16a8: supR3HardenedWinSetupChildInit: Start child.
251550.16a8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 2 ms.
252550.16a8: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
253550.16a8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
254550.16a8: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
255550.16a8: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
256550.16a8: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
257550.16a8: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
258550.16a8: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
259550.16a8: 0000000000041000-fffffffffff31fff 0x0001/0x0000 0x0000000
260550.16a8: *0000000000150000-0000000000053fff 0x0000/0x0004 0x0020000
261550.16a8: 000000000024c000-0000000000249fff 0x0104/0x0004 0x0020000
262550.16a8: 000000000024e000-000000000024bfff 0x0004/0x0004 0x0020000
263550.16a8: 0000000000250000-ffffffff8976ffff 0x0001/0x0000 0x0000000
264550.16a8: *0000000076d30000-0000000076d30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
265550.16a8: 0000000076d31000-0000000076e32fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
266550.16a8: 0000000076e33000-0000000076e61fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
267550.16a8: 0000000076e62000-0000000076e6dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
268550.16a8: 0000000076e6e000-0000000076ed8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
269550.16a8: 0000000076ed9000-000000006edd1fff 0x0001/0x0000 0x0000000
270550.16a8: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
271550.16a8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
272550.16a8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
273550.16a8: 000000007fff0000-ffffffffc052ffff 0x0001/0x0000 0x0000000
274550.16a8: *000000013fab0000-000000013fab0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
275550.16a8: 000000013fab1000-000000013fb1ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
276550.16a8: 000000013fb20000-000000013fb20fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
277550.16a8: 000000013fb21000-000000013fb65fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
278550.16a8: 000000013fb66000-000000013fb66fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
279550.16a8: 000000013fb67000-000000013fb67fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
280550.16a8: 000000013fb68000-000000013fb6cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
281550.16a8: 000000013fb6d000-000000013fb6dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
282550.16a8: 000000013fb6e000-000000013fb6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
283550.16a8: 000000013fb6f000-000000013fb72fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
284550.16a8: 000000013fb73000-000000013fbbafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
285550.16a8: 000000013fbbb000-fffff80380725fff 0x0001/0x0000 0x0000000
286550.16a8: *000007feff050000-000007feff050fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
287550.16a8: 000007feff051000-000007fdfe0f1fff 0x0001/0x0000 0x0000000
288550.16a8: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
289550.16a8: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
290550.16a8: *000007fffffdc000-000007fffffdafff 0x0004/0x0004 0x0020000
291550.16a8: 000007fffffdd000-000007fffffdbfff 0x0001/0x0000 0x0000000
292550.16a8: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
293550.16a8: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
294550.16a8: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
295550.16a8: VirtualBox.exe: timestamp 0x587cf70b (rc=VINF_SUCCESS)
296550.16a8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
297550.16a8: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
298550.16a8: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
299550.16a8: supR3HardNtChildPurify: Done after 307 ms and 0 fixes (loop #0).
300bd0.fdc: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
301bd0.fdc: supR3HardenedVmProcessInit: uNtDllAddr=0000000076d30000 g_uNtVerCombined=0x611db100
302bd0.fdc: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
303bd0.fdc: New simple heap: #1 0000000000250000 LB 0x400000 (for 1740800 allocation)
304550.16a8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000270000 LB 0x400000)
305550.16a8: supR3HardNtEnableThreadCreation:
306bd0.fdc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
307bd0.fdc: System32: \Device\HarddiskVolume1\Windows\System32
308bd0.fdc: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
309bd0.fdc: KnownDllPath: C:\Windows\system32
310bd0.fdc: supR3HardenedVmProcessInit: Opening vboxdrv...
311bd0.fdc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
312bd0.fdc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
313bd0.fdc: Registered Dll notification callback with NTDLL.
314bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
315bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
316bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
317bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
318bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000076b10000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
319bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
320bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefce10000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
321bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
322bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
323bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076b10000 'C:\Windows\system32\kernel32.dll'
324bd0.fdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076d5c320 pvNtTerminateThread=0000000076d81840
325550.16a8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 45 ms.
326bd0.fdc: \SystemRoot\System32\ntdll.dll:
327bd0.fdc: CreationTime: 2010-11-21T03:23:51.351694200Z
328bd0.fdc: LastWriteTime: 2010-11-21T03:23:51.367294200Z
329bd0.fdc: ChangeTime: 2017-02-19T07:24:34.815745000Z
330bd0.fdc: FileAttributes: 0x20
331bd0.fdc: Size: 0x1a6d60
332bd0.fdc: NT Headers: 0xe0
333bd0.fdc: Timestamp: 0x4ce7c8f9
334bd0.fdc: Machine: 0x8664 - amd64
335bd0.fdc: Timestamp: 0x4ce7c8f9
336bd0.fdc: Image Version: 6.1
337bd0.fdc: SizeOfImage: 0x1a9000 (1740800)
338bd0.fdc: Resource Dir: 0x151000 LB 0x560d8
339bd0.fdc: ProductName: Microsoft® Windows® Operating System
340bd0.fdc: ProductVersion: 6.1.7601.17514
341bd0.fdc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
342bd0.fdc: FileDescription: NT Layer DLL
343bd0.fdc: \SystemRoot\System32\kernel32.dll:
344bd0.fdc: CreationTime: 2010-11-21T03:24:07.965723400Z
345bd0.fdc: LastWriteTime: 2010-11-21T03:24:07.981323400Z
346bd0.fdc: ChangeTime: 2017-02-19T07:24:20.760120300Z
347bd0.fdc: FileAttributes: 0x20
348bd0.fdc: Size: 0x11b800
349bd0.fdc: NT Headers: 0xe8
350bd0.fdc: Timestamp: 0x4ce7c78b
351bd0.fdc: Machine: 0x8664 - amd64
352bd0.fdc: Timestamp: 0x4ce7c78b
353bd0.fdc: Image Version: 6.1
354bd0.fdc: SizeOfImage: 0x11f000 (1175552)
355bd0.fdc: Resource Dir: 0x116000 LB 0x528
356bd0.fdc: ProductName: Microsoft® Windows® Operating System
357bd0.fdc: ProductVersion: 6.1.7601.17514
358bd0.fdc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
359bd0.fdc: FileDescription: Windows NT BASE API Client DLL
360bd0.fdc: \SystemRoot\System32\KernelBase.dll:
361bd0.fdc: CreationTime: 2010-11-21T03:24:26.217755400Z
362bd0.fdc: LastWriteTime: 2010-11-21T03:24:26.248955500Z
363bd0.fdc: ChangeTime: 2017-02-19T07:24:20.760120300Z
364bd0.fdc: FileAttributes: 0x20
365bd0.fdc: Size: 0x66800
366bd0.fdc: NT Headers: 0xf0
367bd0.fdc: Timestamp: 0x4ce7c78c
368bd0.fdc: Machine: 0x8664 - amd64
369bd0.fdc: Timestamp: 0x4ce7c78c
370bd0.fdc: Image Version: 6.1
371bd0.fdc: SizeOfImage: 0x6b000 (438272)
372bd0.fdc: Resource Dir: 0x69000 LB 0x530
373bd0.fdc: ProductName: Microsoft® Windows® Operating System
374bd0.fdc: ProductVersion: 6.1.7601.17514
375bd0.fdc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
376bd0.fdc: FileDescription: Windows NT BASE API Client DLL
377bd0.fdc: \SystemRoot\System32\apisetschema.dll:
378bd0.fdc: CreationTime: 2009-07-13T23:18:54.866423200Z
379bd0.fdc: LastWriteTime: 2009-07-14T01:24:53.779000000Z
380bd0.fdc: ChangeTime: 2017-02-19T07:24:10.152101700Z
381bd0.fdc: FileAttributes: 0x20
382bd0.fdc: Size: 0x1a00
383bd0.fdc: NT Headers: 0xc0
384bd0.fdc: Timestamp: 0x4a5bdeab
385bd0.fdc: Machine: 0x8664 - amd64
386bd0.fdc: Timestamp: 0x4a5bdeab
387bd0.fdc: Image Version: 6.1
388bd0.fdc: SizeOfImage: 0x50000 (327680)
389bd0.fdc: Resource Dir: 0x30000 LB 0x3f0
390bd0.fdc: ProductName: Microsoft® Windows® Operating System
391bd0.fdc: ProductVersion: 6.1.7600.16385
392bd0.fdc: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
393bd0.fdc: FileDescription: ApiSet Schema DLL
394bd0.fdc: supR3HardenedWinFindAdversaries: 0x0
395bd0.fdc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
396bd0.fdc: Calling main()
397bd0.fdc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
398bd0.fdc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
399bd0.fdc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
400bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
401bd0.fdc: SUPR3HardenedMain: Final process, opening VBoxDrv...
402bd0.fdc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000250000 LB 0x400000)
403bd0.fdc: supR3HardNtEnableThreadCreation:
404bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
405bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
406bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
407bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
408bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefb720000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
409bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
410bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
411bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
412bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb720000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
413bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
414bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
415bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb720000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
416bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb720000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
417bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
418bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
419bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
420bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
421bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
422bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
423bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
424bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
425bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
426bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
427bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
428bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
429bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
430bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
431bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
432bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
433bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
434bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
435bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
436bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
437bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
438bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
439bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
440bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
441bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
442bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
443bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
444bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
445bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
446bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
447bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
448bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
449bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcdd0000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
450bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
451bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd490000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
452bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
453bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefce80000 LB 0x00167000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
454bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
455bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcd20000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
456bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
457bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd050000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
458bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
459bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\Wintrust.dll'
460bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
461bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
462bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
463bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
464bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefc640000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
465bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
466bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc640000 'C:\Windows\system32\bcrypt.dll'
467bd0.fdc: bcrypt.dll loaded at 000007fefc640000, BCryptOpenAlgorithmProvider at 000007fefc642640, preloading providers:
468bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
469bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
470bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
471bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
472bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
473bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
474bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
475bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
476bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
477bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
478bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
479bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
480bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
481bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
482bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
483bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
484bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
485bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
486bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
487bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
488bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
489bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefc130000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
490bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
491bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefeda0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
492bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
493bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
494bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
495bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
496bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
497bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd260000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
498bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
499bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc130000 'C:\Windows\system32\bcryptprimitives.dll'
500bd0.fdc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000080ad00)
501bd0.fdc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000080dbc0)
502bd0.fdc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000080dce0)
503bd0.fdc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000080def0)
504bd0.fdc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000080e010)
505bd0.fdc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000080e130)
506bd0.fdc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000080e370)
507bd0.fdc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000080e490)
508bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
509bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
510bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
511bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
512bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
513bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
514bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
515bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
516bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
517bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
518bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefc4f0000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
519bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
520bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4f0000 'C:\Windows\system32\CRYPTSP.dll'
521bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
522bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
523bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
524bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
525bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
526bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
527bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
528bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
529bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefc1f0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
530bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
531bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc1f0000 'C:\Windows\system32\rsaenh.dll'
532bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
533bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
534bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeda0000 'C:\Windows\system32\ADVAPI32.dll'
535bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
536bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
537bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
538bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
539bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcbb0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
540bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
541bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbb0000 'C:\Windows\system32\CRYPTBASE.dll'
542bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
543bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
544bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076b10000 'C:\Windows\system32\kernel32.dll'
545bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
546bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
547bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\WINTRUST.DLL'
548bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
549bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
550bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\CRYPT32.dll'
551bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
552bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
553bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
554bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
555bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
556bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
557bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
558bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
559bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefe810000 LB 0x00017000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
560bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
561bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\imagehlp.dll'
562bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
563bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
564bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4f0000 'C:\Windows\system32\CRYPTSP.dll'
565bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
566bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
567bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
568bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
569bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
570bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
571bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
572bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
573bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
574bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
575bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
576bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
577bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
578bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
579bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
580bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
581bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
582bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
583bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
584bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
585bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
586bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
587bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
588bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
589bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
590bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
591bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
592bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
593bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
594bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
595bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
596bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
597bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
598bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
599bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
600bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
601bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
602bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
603bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
604bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
605bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
606bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
607bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
608bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000076c30000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
609bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
610bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefed20000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
611bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
612bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd1b0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
613bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
614bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefeed0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
615bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
616bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
617bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
618bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed20000 'C:\Windows\system32\gdi32.dll'
619bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
620bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
621bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
622bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
623bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
624bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
625bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
626bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
627bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
628bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
629bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
630bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
631bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
632bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
633bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
634bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
635bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
636bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
637bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
638bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
639bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
640bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
641bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
642bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
643bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
644bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
645bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
646bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
647bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
648bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
649bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
650bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
651bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
652bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
653bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
654bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd970000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
655bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
656bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\IMM32.DLL'
657bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076c30000 'C:\Windows\system32\USER32.dll'
658bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
659bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
660bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
661bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
662bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
663bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
664bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
665bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
666bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
667bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
668bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
669bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
670bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
671bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
672bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
673bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
674bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefc670000 LB 0x0004e000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
675bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
676bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc670000 'C:\Windows\system32\ncrypt.dll'
677bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
678bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
679bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc640000 'C:\Windows\system32\bcrypt.dll'
680bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
681bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
682bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
683bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
684bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
685bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
686bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
687bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
688bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
689bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
690bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
691bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
692bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
693bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
694bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
695bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
696bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
697bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
698bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
699bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
700bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
701bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefbfd0000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
702bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
703bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
704bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcc80000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
705bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
706bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfd0000 'C:\Windows\system32\USERENV.dll'
707bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
708bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
709bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
710bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
711bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
712bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
713bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
714bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
715bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
716bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
717bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
718bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
719bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
720bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
721bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
722bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
723bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefbfb0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
724bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
725bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfb0000 'C:\Windows\system32\GPAPI.dll'
726bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
727bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-WIN-Service-Management-L1-1-0.dll'
728bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
729bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
730bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd050000 'C:\Windows\system32\rpcrt4.dll'
731bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
732bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-WIN-Service-Management-L2-1-0.dll'
733bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
734bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
735bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
736bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.
737bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
738bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
739bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
740bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
741bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
742bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
743bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
744bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
745bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
746bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
747bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
748bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
749bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
750bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
751bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
752bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
753bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
754bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
755bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
756bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fee7750000 LB 0x00026000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
757bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
758bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
759bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
760bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
761bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
762bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
763bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
764bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
765bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
766bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
767bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
768bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
769bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
770bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
771bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
772bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
773bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
774bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
775bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
776bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
777bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
778bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
779bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
780bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
781bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
782bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
783bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
784bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
785bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
786bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
787bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
788bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
789bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
790bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
791bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
792bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
793bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
794bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
795bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
796bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
797bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
798bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
799bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
800bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
801bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
802bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
803bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
804bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
805bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd410000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
806bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
807bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd410000 'C:\Windows\system32\SHLWAPI.dll'
808bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
809bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
810bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
811bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
812bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc80000 'C:\Windows\system32\profapi.dll'
813bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
814bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
815bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
816bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
817bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
818bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
819bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
820bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll)
821bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
822bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
823bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
824bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
825bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
826bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\devobj.dll)
827bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
828bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
829bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
830bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
831bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
832bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
833bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
834bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
835bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll)
836bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
837bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
838bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
839bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
840bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
841bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
842bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
843bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
844bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
845bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
846bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
847bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
848bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
849bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
850bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
851bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
852bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
853bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
854bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll)
855bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
856bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
857bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
858bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
859bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
860bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
861bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
862bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
863bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
864bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
865bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
866bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
867bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
868bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
869bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
870bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
871bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
872bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
873bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
874bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
875bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
876bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
877bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
878bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
879bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
880bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
881bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
882bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
883bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ole32.dll)
884bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
885bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
886bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
887bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
888bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
889bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
890bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
891bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
892bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
893bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
894bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
895bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
896bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
897bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
898bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
899bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
900bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
901bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
902bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
903bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
904bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
905bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd530000 LB 0x001d7000 C:\Windows\system32\setupapi.dll [fFlags=0x0]
906bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
907bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd010000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
908bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
909bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefea40000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
910bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
911bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefe830000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
912bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
913bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcff0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
914bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devobj.dll [lacks WinVerifyTrust]
915bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
916bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076b10000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
917bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd530000 'C:\Windows\system32\setupapi.dll'
918bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
919bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cabinet.dll)
920bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cabinet.dll
921bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
922bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
923bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
924bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
925bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
926bd0.fdc: supR3HardenedDllNotificationCallback: load 000007feefda0000 LB 0x0001b000 C:\Windows\system32\Cabinet.dll [fFlags=0x0]
927bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
928bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefda0000 'C:\Windows\system32\Cabinet.dll'
929bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
930bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\devrtl.dll)
931bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devrtl.dll
932bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
933bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
934bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
935bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
936bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
937bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefbff0000 LB 0x00012000 C:\Windows\system32\DEVRTL.dll [fFlags=0x0]
938bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
939bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbff0000 'C:\Windows\system32\DEVRTL.dll'
940bd0.fdc: supR3HardenedDllNotificationCallback: Unload 000007fefd530000 LB 0x001d7000 C:\Windows\system32\setupapi.dll [flags=0x0]
941bd0.fdc: supR3HardenedDllNotificationCallback: Unload 000007fefcff0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [flags=0x0]
942bd0.fdc: supR3HardenedDllNotificationCallback: Unload 000007fefea40000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [flags=0x0]
943bd0.fdc: supR3HardenedDllNotificationCallback: Unload 000007fefe830000 LB 0x00203000 C:\Windows\system32\ole32.dll [flags=0x0]
944bd0.fdc: supR3HardenedDllNotificationCallback: Unload 000007fefd010000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [flags=0x0]
945bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
946bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7750000 'C:\Windows\system32\cryptnet.dll'
947bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
948bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000805830
949bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
950bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6463B603CF12442718467D754A1EDC45CE1D6E7E
951bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
952bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
953bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
954bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-WIN-Service-Management-L1-1-0.dll'
955bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
956bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
957bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
958bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
959bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeda0000 'C:\Windows\system32\ADVAPI32.dll'
960bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
961bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
962bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
963bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd260000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
964bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\SystemRoot\System32\ntdll.dll'
965bd0.fdc: g_pfnWinVerifyTrust=000007fefcdd1010
966bd0.fdc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
967bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
968bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
969bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
970bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=766DAE0DAEDFFD0DB96611658C619DD5922D2FEC
971bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
972bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
973bd0.fdc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
974bd0.fdc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
975bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
976bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
977bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
978bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E8D9B442D9CC38B2D0501106E104A42A4EE0B238
979bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
980bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
981bd0.fdc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
982bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ec pwszName=\Device\HarddiskVolume1\Windows\System32\devrtl.dll
983bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
984bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
985bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
986bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
987bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
988bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
989bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume1\Windows\System32\cabinet.dll
990bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
991bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
992bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D1555851298EA005A2E9FEA027F5898BC240083
993bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cabinet.dll'
994bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
995bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cabinet.dll'
996bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a8 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
997bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
998bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
999bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
1000bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
1001bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1002bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ole32.dll'
1003bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a4 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
1004bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1005bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1006bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1007bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
1008bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1009bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
1010bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a0 pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1011bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1012bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1013bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=26A5C3FE898CBD66951D3BC65E742E0BE561E69B
1014bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
1015bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1016bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
1017bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000039c pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
1018bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1019bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1020bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1021bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
1022bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1023bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\devobj.dll'
1024bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000398 pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
1025bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1026bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1027bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1028bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
1029bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1030bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
1031bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
1032bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1033bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1034bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1035bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
1036bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1037bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
1038bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
1039bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1040bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1041bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1042bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
1043bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1044bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
1045bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
1046bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1047bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1048bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CA2FE16E05087DA5C24DC5EB2EE8053CDA5DE9A9
1049bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
1050bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1051bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
1052bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000258 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
1053bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1054bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1055bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
1056bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
1057bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1058bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
1059bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
1060bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1061bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1062bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1063bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
1064bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1065bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
1066bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
1067bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1068bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1069bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1070bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
1071bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1072bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
1073bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
1074bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1075bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1076bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3D482C50075646C922DC6A66C97956C5060C361B
1077bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
1078bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1079bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
1080bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
1081bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1082bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1083bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
1084bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
1085bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1086bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
1087bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
1088bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1089bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1090bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1091bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
1092bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1093bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
1094bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
1095bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1096bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1097bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97AE9B5B40144F2794F30A891013393C80D631A1
1098bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
1099bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1100bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
1101bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
1102bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1103bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1104bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37
1105bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
1106bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1107bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
1108bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
1109bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1110bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1111bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8F7179D2AEB0FEB168A01D182223AC2D7B8F331
1112bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
1113bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1114bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
1115bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
1116bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1117bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1118bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
1119bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1120bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000805830
1121bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1122bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
1123bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
1124bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1125bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
1126bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
1127bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1128bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1129bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFE89CF1060867A10BD3963894BCDB4D3058F804
1130bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
1131bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1132bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
1133bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
1134bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1135bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1136bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
1137bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
1138bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1139bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
1140bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
1141bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
1142bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1143bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1144bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
1145bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
1146bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1147bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
1148bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
1149bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1150bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1151bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1152bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
1153bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1154bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
1155bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
1156bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1157bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1158bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBCDF817D89920EE3139FB7E090744EB36A4A21B
1159bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
1160bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1161bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
1162bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
1163bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
1164bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1165bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1166bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1167bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
1168bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1169bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
1170bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
1171bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1172bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1173bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBEAC8C0FA88C88B540ACFE0683B1810C077AA53
1174bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
1175bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1176bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
1177bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
1178bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1179bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1180bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1181bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
1182bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1183bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
1184bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
1185bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1186bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1187bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BC4D9E909DFDD2EE8BA1A5C857D73D49EBE7952C
1188bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
1189bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1190bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
1191bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1192bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
1193bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1194bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1195bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=06FEC3C858DB28D2F4BFBDA99AF14D4747A8C5D4
1196bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
1197bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1198bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
1199bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
1200bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1201bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1202bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D7AE634A00F24BBD4AE27DEA9BCCCE222DE9897B
1203bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
1204bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1205bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
1206bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
1207bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1208bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\crypt32.dll'
1209bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1210bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1211bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1212bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1213bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1214bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1215bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1216bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1217bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1218bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1219bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1220bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1221bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1222bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1223bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1224bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1225bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1226bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1227bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1228bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1229bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1230bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1231bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1232bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1233bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1234bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1235bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1236bd0.fdc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1237bd0.fdc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=28
1238bd0.fdc: SUPR3HardenedMain: Load Runtime...
1239bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1240bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1241bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1242bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1243bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1244bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1245bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1246bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1247bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1248bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1249bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b4 pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1250bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1251bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1252bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1253bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
1254bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1255bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1256bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1257bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1258bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
1259bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1260bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1261bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1262bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1263bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1264bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1265bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1266bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1267bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1268bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1269bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1270bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1271bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1272bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1273bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1274bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003cc pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
1275bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1276bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1277bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1278bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
1279bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1280bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
1281bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
1282bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1283bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1284bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1285bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1286bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1287bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1288bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fede000000 LB 0x0052e000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1289bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1290bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1291bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000063b20000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1292bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1293bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1294bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000063d60000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1295bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1296bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefee80000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1297bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1298bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefed90000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1299bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
1300bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1301bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1302bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1303bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1304bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1305bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1306bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1307bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1308bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1309bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1310bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1311bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1312bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1313bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1314bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1315bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1316bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1317bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1318bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1319bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1320bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1321bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1322bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1323bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1324bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1325bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1326bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1327bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1328bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1329bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1330bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1331bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1332bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1333bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1334bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1335bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1336bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1337bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1338bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1339bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1340bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1341bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1342bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1343bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
1344bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1345bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1346bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1347bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1348bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fede000000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1349bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
1350bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1351bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\Wintrust.dll'
1352bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
1353bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1354bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\crypt32.dll'
1355bd0.fdc: SUPR3HardenedMain: Load TrustedMain...
1356bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1357bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1358bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1359bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1360bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1361bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
1362bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
1363bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
1364bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1365bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1366bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1367bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1368bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1369bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1370bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
1371bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
1372bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
1373bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1374bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1375bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
1376bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1377bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1378bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1379bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
1380bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1381bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1382bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1383bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
1384bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
1385bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1386bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1387bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1388bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1389bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1390bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1391bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1392bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1393bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000414 pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
1394bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1395bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1396bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCF00DB9BBECF4126AB4076577BBA73C0F94BDF9
1397bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
1398bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1399bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1400bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1401bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1402bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1403bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
1404bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
1405bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1406bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1407bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1408bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1409bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1410bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1411bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1412bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1413bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1414bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1415bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1416bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1417bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1418bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
1419bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
1420bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1421bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1422bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
1423bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1424bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1425bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1426bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
1427bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
1428bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
1429bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
1430bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1431bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1432bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1433bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1434bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1435bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1436bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1437bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1438bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1439bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1440bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1441bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1442bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1443bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1444bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1445bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1446bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1447bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1448bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1449bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1450bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
1451bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1452bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1453bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1454bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1455bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1456bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1457bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1458bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1459bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1460bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1461bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1462bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
1463bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1464bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1465bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1466bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1467bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1468bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1469bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1470bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1471bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1472bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1473bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1474bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000043c pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
1475bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1476bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1477bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1478bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
1479bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1480bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1481bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1482bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1483bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1484bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1485bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1486bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
1487bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1488bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1489bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1490bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1491bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1492bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000448 pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
1493bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1494bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1495bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1496bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
1497bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1498bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1499bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1500bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1501bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1502bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1503bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1504bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
1505bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
1506bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1507bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1508bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000458 pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
1509bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1510bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1511bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1512bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
1513bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1514bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1515bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1516bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1517bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
1518bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
1519bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1520bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1521bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1522bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1523bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1524bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1525bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1526bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1527bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1528bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1529bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1530bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1531bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1532bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1533bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1534bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000450 pwszName=\Device\HarddiskVolume1\Windows\System32\mpr.dll
1535bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1536bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1537bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
1538bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\mpr.dll'
1539bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1540bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mpr.dll) WinVerifyTrust
1541bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mpr.dll
1542bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1543bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1544bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
1545bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1546bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1547bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1548bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1549bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1550bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1551bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1552bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1553bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1554bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1555bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1556bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1557bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1558bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1559bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1560bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1561bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1562bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1563bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1564bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1565bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1566bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1567bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1568bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1569bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1570bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1571bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1572bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1573bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1574bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1575bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1576bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1577bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1578bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1579bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1580bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
1581bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1582bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1583bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1584bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1585bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1586bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1587bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1588bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1589bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1590bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1591bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1592bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume1\Windows\System32\user32.dll
1593bd0.fdc: Error (rc=0):
1594bd0.fdc: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume1\Windows\System32\user32.dll
1595bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1596bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1597bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1598bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1599bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
1600bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1601bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1602bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000484 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
1603bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1604bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1605bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
1606bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
1607bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1608bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1609bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1610bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1611bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1612bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1613bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1614bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
1615bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
1616bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1617bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1618bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000470 pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
1619bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1620bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1621bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
1622bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
1623bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1624bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1625bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1626bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1627bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
1628bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
1629bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1630bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1631bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1632bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1633bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1634bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1635bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1636bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1637bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1638bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1639bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1640bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1641bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1642bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1643bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1644bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1645bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1646bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1647bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1648bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1649bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1650bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1651bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1652bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1653bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1654bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1655bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1656bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1657bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1658bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1659bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
1660bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1661bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1662bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1663bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1664bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1665bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1666bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1667bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1668bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1669bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1670bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
1671bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1672bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1673bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1674bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1675bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1676bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1677bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1678bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000488 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
1679bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1680bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1681bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4D3B2DA266DE92D9E1311E30C810160CDC5BD5AA
1682bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
1683bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1684bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1685bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1686bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1687bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
1688bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
1689bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1690bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1691bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1692bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1693bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1694bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1695bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
1696bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1697bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1698bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1699bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1700bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1701bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1702bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1703bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1704bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1705bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1706bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1707bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
1708bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1709bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1710bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
1711bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
1712bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1713bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1714bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1715bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1716bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
1717bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
1718bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1719bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1720bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
1721bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1722bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1723bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1724bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1725bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
1726bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1727bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1728bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3FEC714D729F7CAEB9B7A25E2012B6A6E9007F5
1729bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
1730bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1731bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1732bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1733bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1734bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
1735bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
1736bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1737bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1738bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1739bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1740bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1741bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1742bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1743bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1744bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1745bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1746bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1747bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1748bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1749bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1750bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1751bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1752bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
1753bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1754bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1755bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1756bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1757bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1758bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1759bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
1760bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1761bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
1762bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fedb6b0000 LB 0x008e7000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1763bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
1764bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1765bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef5af0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1766bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
1767bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
1768bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef5ac0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1769bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
1770bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
1771bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef59c0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1772bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
1773bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
1774bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef59b0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1775bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
1776bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd530000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
1777bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
1778bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefd010000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1779bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
1780bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefea40000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1781bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1782bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefe830000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1783bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1784bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefcff0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1785bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\devobj.dll
1786bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
1787bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefb030000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1788bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
1789bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1790bd0.fdc: supR3HardenedDllNotificationCallback: load 00000000631f0000 LB 0x00566000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1791bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1792bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefda80000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1793bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1794bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
1795bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef75e0000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
1796bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
1797bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1798bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fedda00000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1799bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1800bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1801bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000062c80000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1802bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1803bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
1804bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef7700000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
1805bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
1806bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
1807bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fef7450000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
1808bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
1809bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefefa0000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
1810bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
1811bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1812bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1813bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1814bd0.fdc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll)
1815bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
1816bd0.fdc: supR3HardenedDllNotificationCallback: load 000007feebd20000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll [fFlags=0x0]
1817bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [avoiding WinVerifyTrust]
1818bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1819bd0.fdc: supR3HardenedDllNotificationCallback: load 0000000063ac0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1820bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1821bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
1822bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefac60000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
1823bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
1824bd0.fdc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'.
1825bd0.fdc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [rescheduled]
1826bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1827bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076b10000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1828bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
1829bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1830bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1831bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1832bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1833bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1834bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1835bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1836bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\imm32.dll'
1837bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeda0000 'C:\Windows\system32\ADVAPI32.DLL'
1838bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
1839bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1840bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbb0000 'C:\Windows\system32\cryptbase.dll'
1841bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb6b0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
1842bd0.fdc: SUPR3HardenedMain: Calling TrustedMain (000007fedb6b1610)...
1843bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1844bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1845bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe830000 'C:\Windows\system32\ole32.dll'
1846bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeda0000 'C:\Windows\system32\ADVAPI32.dll'
1847bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
1848bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1849bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc80000 'C:\Windows\system32\profapi.dll'
1850bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1851bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
1852bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1853bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1854bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1855bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
1856bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1857bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1858bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
1859bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
1860bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
1861bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
1862bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1863bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1864bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1865bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1866bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1867bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1868bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1869bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1870bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1871bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1872bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1873bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1874bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1875bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
1876bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1877bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1878bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
1879bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1880bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1881bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
1882bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1883bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1884bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
1885bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1886bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1887bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1888bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1889bd0.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
1890bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1891bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1892bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1893bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1894bd0.fdc: supR3HardenedDllNotificationCallback: load 000007feea050000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
1895bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1896bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea050000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
1897bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
1898bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4640:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1899bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbb0000 'C:\Windows\system32\CRYPTBASE.dll'
1900bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1901bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000805830
1902bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000805830
1903bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
1904bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
1905bd0.fdc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1906bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1907bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1908bd0.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1909bd0.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
1910bd0.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1911bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1912bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1913bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1914bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1915bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1916bd0.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1917bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000817d30:C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1918bd0.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1919bd0.fdc: supR3HardenedDllNotificationCallback: load 000007fefb430000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1920bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1921bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb430000 'C:\Windows\system32\uxtheme.dll'
1922bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1923bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000817d30:C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1924bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb430000 'C:\Windows\system32\uxtheme.dll'
1925bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1926bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000817d30:C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1927bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb430000 'C:\Windows\system32\uxtheme.dll'
1928bd0.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
1929bd0.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000817d30:C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\DevSuiteHome_1\jdk\jre\bin\classic;C:\DevSuiteHome_1\jdk\jre\bin;C:\DevSuiteHome_1\jdk\jre\bin\client;C:\DevSuiteHome_1\jlib;C:\DevSuiteHome_1\bin;C:\DevSuiteHome_1\jre\1.4.2\bin\client;C:\DevSuiteHome_1\jre\1.4.2\bin;C:\app\Administrator\product\11.2.0\client_1\bin;C:\app\Administrator\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
1930bd0.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb430000 'C:\Windows\system32\uxtheme.dll'
1931550.16a8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1372 ms, the end);
193236c.15f4: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1744 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy