VirtualBox

Ticket #17308: VBoxHardening.log

File VBoxHardening.log, 449.4 KB (added by Abdul-Khader Welaye, 7 years ago)

VirtualBox Hardening Log

Line 
1500.e4c: Log file opened: 5.2.2r119230 g_hStartupLog=00000000000017e0 g_uNtVerCombined=0x520ece20
2500.e4c: \SystemRoot\System32\ntdll.dll:
3500.e4c: CreationTime: 2007-02-18T17:57:32.000000000Z
4500.e4c: LastWriteTime: 2011-11-23T06:18:26.000000000Z
5500.e4c: ChangeTime: 2017-11-16T02:41:15.125000000Z
6500.e4c: FileAttributes: 0x20
7500.e4c: Size: 0x135600
8500.e4c: NT Headers: 0xe0
9500.e4c: Timestamp: 0x4ecbcdb6
10500.e4c: Machine: 0x8664 - amd64
11500.e4c: Timestamp: 0x4ecbcdb6
12500.e4c: Image Version: 5.2
13500.e4c: SizeOfImage: 0x13c000 (1294336)
14500.e4c: Resource Dir: 0x10c000 LB 0x2e250
15500.e4c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
16500.e4c: [Raw version resource data: 0x10c0a0 LB 0x37c, codepage 0x0 (reserved 0x0)]
17500.e4c: ProductName: Microsoft® Windows® Operating System
18500.e4c: ProductVersion: 5.2.3790.4937
19500.e4c: FileVersion: 5.2.3790.4937 (srv03_sp2_gdr.111121-0236)
20500.e4c: FileDescription: NT Layer DLL
21500.e4c: \SystemRoot\System32\kernel32.dll:
22500.e4c: CreationTime: 2014-02-06T23:05:16.000000000Z
23500.e4c: LastWriteTime: 2014-02-06T23:05:16.000000000Z
24500.e4c: ChangeTime: 2017-11-16T03:13:51.984375000Z
25500.e4c: FileAttributes: 0x20
26500.e4c: Size: 0x172a00
27500.e4c: NT Headers: 0xf0
28500.e4c: Timestamp: 0x52f3550a
29500.e4c: Machine: 0x8664 - amd64
30500.e4c: Timestamp: 0x52f3550a
31500.e4c: Image Version: 5.2
32500.e4c: SizeOfImage: 0x176000 (1531904)
33500.e4c: Resource Dir: 0x107000 LB 0x6a6c8
34500.e4c: [Version info resource found at 0x13c8! (ID/Name: 0x1; SubID/SubName: 0x409)]
35500.e4c: [Raw version resource data: 0x167f30 LB 0x3a0, codepage 0x0 (reserved 0x0)]
36500.e4c: ProductName: Microsoft® Windows® Operating System
37500.e4c: ProductVersion: 5.2.3790.5295
38500.e4c: FileVersion: 5.2.3790.5295 (srv03_sp2_qfe.140205-1447)
39500.e4c: FileDescription: Windows NT BASE API Client DLL
40500.e4c: Found driver aswVmm (0x4)
41500.e4c: Found driver aswRvrt (0x4)
42500.e4c: supR3HardenedWinFindAdversaries: 0x4
43500.e4c: \SystemRoot\System32\drivers\aswHwid.sys:
44500.e4c: CreationTime: 2017-11-16T04:47:30.156250000Z
45500.e4c: LastWriteTime: 2017-11-16T04:47:26.421875000Z
46500.e4c: ChangeTime: 2017-11-16T04:47:28.109375000Z
47500.e4c: FileAttributes: 0x20
48500.e4c: Size: 0xb7a0
49500.e4c: NT Headers: 0xe8
50500.e4c: Timestamp: 0x59f8a770
51500.e4c: Machine: 0x8664 - amd64
52500.e4c: Timestamp: 0x59f8a770
53500.e4c: Image Version: 6.0
54500.e4c: SizeOfImage: 0xa000 (40960)
55500.e4c: Resource Dir: 0x8000 LB 0x388
56500.e4c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
57500.e4c: [Raw version resource data: 0x8060 LB 0x324, codepage 0x0 (reserved 0x0)]
58500.e4c: ProductName: Avast Antivirus
59500.e4c: ProductVersion: 17.8.3698.0
60500.e4c: FileVersion: 17.8.3698.0
61500.e4c: FileDescription: Avast HWID
62500.e4c: \SystemRoot\System32\drivers\aswMonFlt.sys:
63500.e4c: CreationTime: 2017-11-16T04:47:30.171875000Z
64500.e4c: LastWriteTime: 2017-11-16T04:47:26.437500000Z
65500.e4c: ChangeTime: 2017-11-16T04:47:28.109375000Z
66500.e4c: FileAttributes: 0x20
67500.e4c: Size: 0x24340
68500.e4c: NT Headers: 0xf0
69500.e4c: Timestamp: 0x59f8ab9d
70500.e4c: Machine: 0x8664 - amd64
71500.e4c: Timestamp: 0x59f8ab9d
72500.e4c: Image Version: 6.0
73500.e4c: SizeOfImage: 0x28000 (163840)
74500.e4c: Resource Dir: 0x26000 LB 0x3b0
75500.e4c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
76500.e4c: [Raw version resource data: 0x26060 LB 0x34c, codepage 0x0 (reserved 0x0)]
77500.e4c: ProductName: Avast Antivirus
78500.e4c: ProductVersion: 17.8.3698.0
79500.e4c: FileVersion: 17.8.3698.0
80500.e4c: FileDescription: Avast File System Minifilter for Windows 2003/Vista
81500.e4c: \SystemRoot\System32\drivers\aswRvrt.sys:
82500.e4c: CreationTime: 2017-11-16T04:47:30.171875000Z
83500.e4c: LastWriteTime: 2017-11-16T04:47:26.437500000Z
84500.e4c: ChangeTime: 2017-11-16T04:47:28.109375000Z
85500.e4c: FileAttributes: 0x20
86500.e4c: Size: 0x149c0
87500.e4c: NT Headers: 0xf0
88500.e4c: Timestamp: 0x59f8a776
89500.e4c: Machine: 0x8664 - amd64
90500.e4c: Timestamp: 0x59f8a776
91500.e4c: Image Version: 6.0
92500.e4c: SizeOfImage: 0x13000 (77824)
93500.e4c: Resource Dir: 0x11000 LB 0x388
94500.e4c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
95500.e4c: [Raw version resource data: 0x11060 LB 0x328, codepage 0x0 (reserved 0x0)]
96500.e4c: ProductName: Avast Antivirus
97500.e4c: ProductVersion: 17.8.3698.0
98500.e4c: FileVersion: 17.8.3698.0
99500.e4c: FileDescription: Avast Revert
100500.e4c: \SystemRoot\System32\drivers\aswsp.sys:
101500.e4c: CreationTime: 2017-11-16T04:47:30.187500000Z
102500.e4c: LastWriteTime: 2017-11-16T04:47:34.328125000Z
103500.e4c: ChangeTime: 2017-11-16T04:47:34.328125000Z
104500.e4c: FileAttributes: 0x20
105500.e4c: Size: 0x6f2d0
106500.e4c: NT Headers: 0xe8
107500.e4c: Timestamp: 0x5a0ad3b2
108500.e4c: Machine: 0x8664 - amd64
109500.e4c: Timestamp: 0x5a0ad3b2
110500.e4c: Image Version: 6.0
111500.e4c: SizeOfImage: 0x71000 (462848)
112500.e4c: Resource Dir: 0x6f000 LB 0x378
113500.e4c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
114500.e4c: [Raw version resource data: 0x6f060 LB 0x318, codepage 0x0 (reserved 0x0)]
115500.e4c: ProductName: Avast Antivirus
116500.e4c: ProductVersion: 17.8.3705.249
117500.e4c: FileVersion: 17.8.3705.249
118500.e4c: FileDescription: Avast self protection module
119500.e4c: \SystemRoot\System32\drivers\aswVmm.sys:
120500.e4c: CreationTime: 2017-11-16T04:47:30.187500000Z
121500.e4c: LastWriteTime: 2017-11-16T04:47:26.468750000Z
122500.e4c: ChangeTime: 2017-11-16T04:47:28.109375000Z
123500.e4c: FileAttributes: 0x20
124500.e4c: Size: 0x58fb0
125500.e4c: NT Headers: 0xf0
126500.e4c: Timestamp: 0x59f8aba0
127500.e4c: Machine: 0x8664 - amd64
128500.e4c: Timestamp: 0x59f8aba0
129500.e4c: Image Version: 6.0
130500.e4c: SizeOfImage: 0x57000 (356352)
131500.e4c: Resource Dir: 0x54000 LB 0x390
132500.e4c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
133500.e4c: [Raw version resource data: 0x54060 LB 0x330, codepage 0x0 (reserved 0x0)]
134500.e4c: ProductName: Avast Antivirus
135500.e4c: ProductVersion: 17.8.3698.0
136500.e4c: FileVersion: 17.8.3698.0
137500.e4c: FileDescription: Avast VM Monitor
138500.e4c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
139500.e4c: Calling main()
140500.e4c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
141500.e4c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
142500.e4c: SUPR3HardenedMain: Respawn #1
143500.e4c: System32: \Device\HarddiskVolume1\WINDOWS\system32
144500.e4c: WinSxS: \Device\HarddiskVolume1\WINDOWS\WinSxS
145500.e4c: KnownDllPath: C:\WINDOWS\system32
146500.e4c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
147500.e4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
148500.e4c: supR3HardNtEnableThreadCreation:
149500.e4c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077ef24b0 pvNtTerminateThread=0000000077ef0960
150500.e4c: supR3HardenedWinDoReSpawn(1): New child f54.10dc [kernel32].
151500.e4c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x358
152500.e4c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077ec0000 uNtDllChildAddr=0000000077ec0000
153500.e4c: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077ef24b0
154500.e4c: supR3HardenedWinSetupChildInit: Start child.
155500.e4c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 8 ms.
156500.e4c: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 59 sleeps
157500.e4c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
158500.e4c: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
159500.e4c: *0000000000010000-0000000000010fff 0x0004/0x0004 0x0020000
160500.e4c: 0000000000011000-000000000001ffff 0x0001/0x0000 0x0000000
161500.e4c: *0000000000020000-0000000000020fff 0x0004/0x0004 0x0020000
162500.e4c: 0000000000021000-000000000002ffff 0x0001/0x0000 0x0000000
163500.e4c: *0000000000030000-000000000012bfff 0x0000/0x0004 0x0020000
164500.e4c: 000000000012c000-000000000012dfff 0x0104/0x0004 0x0020000
165500.e4c: 000000000012e000-000000000012ffff 0x0004/0x0004 0x0020000
166500.e4c: *0000000000130000-0000000000134fff 0x0002/0x0002 0x0040000
167500.e4c: 0000000000135000-0000000077ebffff 0x0001/0x0000 0x0000000
168500.e4c: *0000000077ec0000-0000000077ec0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
169500.e4c: 0000000077ec1000-0000000077fa5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
170500.e4c: 0000000077fa6000-0000000077faefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
171500.e4c: 0000000077faf000-0000000077ffbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
172500.e4c: 0000000077ffc000-000000007efdffff 0x0001/0x0000 0x0000000
173500.e4c: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
174500.e4c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
175500.e4c: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
176500.e4c: 000000007fff0000-000000013fffffff 0x0001/0x0000 0x0000000
177500.e4c: *0000000140000000-0000000140000fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
178500.e4c: 0000000140001000-0000000140071fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
179500.e4c: 0000000140072000-0000000140072fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
180500.e4c: 0000000140073000-00000001400b8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
181500.e4c: 00000001400b9000-00000001400b9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
182500.e4c: 00000001400ba000-00000001400bafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
183500.e4c: 00000001400bb000-00000001400bffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
184500.e4c: 00000001400c0000-00000001400c0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
185500.e4c: 00000001400c1000-00000001400c1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
186500.e4c: 00000001400c2000-00000001400c5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
187500.e4c: 00000001400c6000-000000014010dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
188500.e4c: 000000014010e000-000007fffffaffff 0x0001/0x0000 0x0000000
189500.e4c: *000007fffffb0000-000007fffffd3fff 0x0002/0x0002 0x0040000
190500.e4c: 000007fffffd4000-000007fffffd5fff 0x0001/0x0000 0x0000000
191500.e4c: *000007fffffd6000-000007fffffd6fff 0x0004/0x0004 0x0020000
192500.e4c: 000007fffffd7000-000007fffffddfff 0x0001/0x0000 0x0000000
193500.e4c: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
194500.e4c: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
195500.e4c: VirtualBox.exe: timestamp 0x5a15a474 (rc=VINF_SUCCESS)
196500.e4c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
197500.e4c: '\Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll' has no imports
198500.e4c: supR3HardNtChildPurify: Done after 545 ms and 0 fixes (loop #0).
199500.e4c: supR3HardNtEnableThreadCreation:
200f54.10dc: Log file opened: 5.2.2r119230 g_hStartupLog=00000000000017fc g_uNtVerCombined=0x520ece00
201f54.10dc: supR3HardenedVmProcessInit: uNtDllAddr=0000000077ec0000 g_uNtVerCombined=0x520ece00
202f54.10dc: ntdll.dll: timestamp 0x4ecbcdb6 (rc=VINF_SUCCESS)
203f54.10dc: New simple heap: #1 0000000000240000 LB 0x400000 (for 1294336 allocation)
204f54.10dc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
205f54.10dc: System32: \Device\HarddiskVolume1\WINDOWS\system32
206f54.10dc: WinSxS: \Device\HarddiskVolume1\WINDOWS\WinSxS
207f54.10dc: KnownDllPath: C:\WINDOWS\system32
208f54.10dc: supR3HardenedVmProcessInit: Opening vboxdrv stub...
209f54.10dc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
210f54.10dc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
211f54.10dc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll)
212f54.10dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll
213f54.10dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
214f54.10dc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
215f54.10dc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
216f54.10dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077d40000 'C:\WINDOWS\system32\kernel32.dll'
217f54.10dc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077ef24b0 pvNtTerminateThread=0000000077ef0960
218500.e4c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 31 ms.
219f54.10dc: \SystemRoot\System32\ntdll.dll:
220f54.10dc: CreationTime: 2007-02-18T17:57:32.000000000Z
221f54.10dc: LastWriteTime: 2011-11-23T06:18:26.000000000Z
222f54.10dc: ChangeTime: 2017-11-16T02:41:15.125000000Z
223f54.10dc: FileAttributes: 0x20
224f54.10dc: Size: 0x135600
225f54.10dc: NT Headers: 0xe0
226f54.10dc: Timestamp: 0x4ecbcdb6
227f54.10dc: Machine: 0x8664 - amd64
228f54.10dc: Timestamp: 0x4ecbcdb6
229f54.10dc: Image Version: 5.2
230f54.10dc: SizeOfImage: 0x13c000 (1294336)
231f54.10dc: Resource Dir: 0x10c000 LB 0x2e250
232f54.10dc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
233f54.10dc: [Raw version resource data: 0x10c0a0 LB 0x37c, codepage 0x0 (reserved 0x0)]
234f54.10dc: ProductName: Microsoft® Windows® Operating System
235f54.10dc: ProductVersion: 5.2.3790.4937
236f54.10dc: FileVersion: 5.2.3790.4937 (srv03_sp2_gdr.111121-0236)
237f54.10dc: FileDescription: NT Layer DLL
238f54.10dc: \SystemRoot\System32\kernel32.dll:
239f54.10dc: CreationTime: 2014-02-06T23:05:16.000000000Z
240f54.10dc: LastWriteTime: 2014-02-06T23:05:16.000000000Z
241f54.10dc: ChangeTime: 2017-11-16T03:13:51.984375000Z
242f54.10dc: FileAttributes: 0x20
243f54.10dc: Size: 0x172a00
244f54.10dc: NT Headers: 0xf0
245f54.10dc: Timestamp: 0x52f3550a
246f54.10dc: Machine: 0x8664 - amd64
247f54.10dc: Timestamp: 0x52f3550a
248f54.10dc: Image Version: 5.2
249f54.10dc: SizeOfImage: 0x176000 (1531904)
250f54.10dc: Resource Dir: 0x107000 LB 0x6a6c8
251f54.10dc: [Version info resource found at 0x13c8! (ID/Name: 0x1; SubID/SubName: 0x409)]
252f54.10dc: [Raw version resource data: 0x167f30 LB 0x3a0, codepage 0x0 (reserved 0x0)]
253f54.10dc: ProductName: Microsoft® Windows® Operating System
254f54.10dc: ProductVersion: 5.2.3790.5295
255f54.10dc: FileVersion: 5.2.3790.5295 (srv03_sp2_qfe.140205-1447)
256f54.10dc: FileDescription: Windows NT BASE API Client DLL
257f54.10dc: Found driver aswVmm (0x4)
258f54.10dc: Found driver aswRvrt (0x4)
259f54.10dc: supR3HardenedWinFindAdversaries: 0x4
260f54.10dc: \SystemRoot\System32\drivers\aswHwid.sys:
261f54.10dc: CreationTime: 2017-11-16T04:47:30.156250000Z
262f54.10dc: LastWriteTime: 2017-11-16T04:47:26.421875000Z
263f54.10dc: ChangeTime: 2017-11-16T04:47:28.109375000Z
264f54.10dc: FileAttributes: 0x20
265f54.10dc: Size: 0xb7a0
266f54.10dc: NT Headers: 0xe8
267f54.10dc: Timestamp: 0x59f8a770
268f54.10dc: Machine: 0x8664 - amd64
269f54.10dc: Timestamp: 0x59f8a770
270f54.10dc: Image Version: 6.0
271f54.10dc: SizeOfImage: 0xa000 (40960)
272f54.10dc: Resource Dir: 0x8000 LB 0x388
273f54.10dc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
274f54.10dc: [Raw version resource data: 0x8060 LB 0x324, codepage 0x0 (reserved 0x0)]
275f54.10dc: ProductName: Avast Antivirus
276f54.10dc: ProductVersion: 17.8.3698.0
277f54.10dc: FileVersion: 17.8.3698.0
278f54.10dc: FileDescription: Avast HWID
279f54.10dc: \SystemRoot\System32\drivers\aswMonFlt.sys:
280f54.10dc: CreationTime: 2017-11-16T04:47:30.171875000Z
281f54.10dc: LastWriteTime: 2017-11-16T04:47:26.437500000Z
282f54.10dc: ChangeTime: 2017-11-16T04:47:28.109375000Z
283f54.10dc: FileAttributes: 0x20
284f54.10dc: Size: 0x24340
285f54.10dc: NT Headers: 0xf0
286f54.10dc: Timestamp: 0x59f8ab9d
287f54.10dc: Machine: 0x8664 - amd64
288f54.10dc: Timestamp: 0x59f8ab9d
289f54.10dc: Image Version: 6.0
290f54.10dc: SizeOfImage: 0x28000 (163840)
291f54.10dc: Resource Dir: 0x26000 LB 0x3b0
292f54.10dc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
293f54.10dc: [Raw version resource data: 0x26060 LB 0x34c, codepage 0x0 (reserved 0x0)]
294f54.10dc: ProductName: Avast Antivirus
295f54.10dc: ProductVersion: 17.8.3698.0
296f54.10dc: FileVersion: 17.8.3698.0
297f54.10dc: FileDescription: Avast File System Minifilter for Windows 2003/Vista
298f54.10dc: \SystemRoot\System32\drivers\aswRvrt.sys:
299f54.10dc: CreationTime: 2017-11-16T04:47:30.171875000Z
300f54.10dc: LastWriteTime: 2017-11-16T04:47:26.437500000Z
301f54.10dc: ChangeTime: 2017-11-16T04:47:28.109375000Z
302f54.10dc: FileAttributes: 0x20
303f54.10dc: Size: 0x149c0
304f54.10dc: NT Headers: 0xf0
305f54.10dc: Timestamp: 0x59f8a776
306f54.10dc: Machine: 0x8664 - amd64
307f54.10dc: Timestamp: 0x59f8a776
308f54.10dc: Image Version: 6.0
309f54.10dc: SizeOfImage: 0x13000 (77824)
310f54.10dc: Resource Dir: 0x11000 LB 0x388
311f54.10dc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
312f54.10dc: [Raw version resource data: 0x11060 LB 0x328, codepage 0x0 (reserved 0x0)]
313f54.10dc: ProductName: Avast Antivirus
314f54.10dc: ProductVersion: 17.8.3698.0
315f54.10dc: FileVersion: 17.8.3698.0
316f54.10dc: FileDescription: Avast Revert
317f54.10dc: \SystemRoot\System32\drivers\aswsp.sys:
318f54.10dc: CreationTime: 2017-11-16T04:47:30.187500000Z
319f54.10dc: LastWriteTime: 2017-11-16T04:47:34.328125000Z
320f54.10dc: ChangeTime: 2017-11-16T04:47:34.328125000Z
321f54.10dc: FileAttributes: 0x20
322f54.10dc: Size: 0x6f2d0
323f54.10dc: NT Headers: 0xe8
324f54.10dc: Timestamp: 0x5a0ad3b2
325f54.10dc: Machine: 0x8664 - amd64
326f54.10dc: Timestamp: 0x5a0ad3b2
327f54.10dc: Image Version: 6.0
328f54.10dc: SizeOfImage: 0x71000 (462848)
329f54.10dc: Resource Dir: 0x6f000 LB 0x378
330f54.10dc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
331f54.10dc: [Raw version resource data: 0x6f060 LB 0x318, codepage 0x0 (reserved 0x0)]
332f54.10dc: ProductName: Avast Antivirus
333f54.10dc: ProductVersion: 17.8.3705.249
334f54.10dc: FileVersion: 17.8.3705.249
335f54.10dc: FileDescription: Avast self protection module
336f54.10dc: \SystemRoot\System32\drivers\aswVmm.sys:
337f54.10dc: CreationTime: 2017-11-16T04:47:30.187500000Z
338f54.10dc: LastWriteTime: 2017-11-16T04:47:26.468750000Z
339f54.10dc: ChangeTime: 2017-11-16T04:47:28.109375000Z
340f54.10dc: FileAttributes: 0x20
341f54.10dc: Size: 0x58fb0
342f54.10dc: NT Headers: 0xf0
343f54.10dc: Timestamp: 0x59f8aba0
344f54.10dc: Machine: 0x8664 - amd64
345f54.10dc: Timestamp: 0x59f8aba0
346f54.10dc: Image Version: 6.0
347f54.10dc: SizeOfImage: 0x57000 (356352)
348f54.10dc: Resource Dir: 0x54000 LB 0x390
349f54.10dc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
350f54.10dc: [Raw version resource data: 0x54060 LB 0x330, codepage 0x0 (reserved 0x0)]
351f54.10dc: ProductName: Avast Antivirus
352f54.10dc: ProductVersion: 17.8.3698.0
353f54.10dc: FileVersion: 17.8.3698.0
354f54.10dc: FileDescription: Avast VM Monitor
355f54.10dc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
356f54.10dc: Calling main()
357f54.10dc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
358f54.10dc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
359f54.10dc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
360f54.10dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
361f54.10dc: SUPR3HardenedMain: Respawn #2
362f54.10dc: supR3HardNtEnableThreadCreation:
363f54.10dc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
364f54.10dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
365f54.10dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
366f54.10dc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077ef24b0 pvNtTerminateThread=0000000077ef0960
367f54.10dc: supR3HardenedWinDoReSpawn(2): New child 4c4.368 [kernel32].
368f54.10dc: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdd000 cbPeb=0x358
369f54.10dc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077ec0000 uNtDllChildAddr=0000000077ec0000
370f54.10dc: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077ef24b0
371f54.10dc: supR3HardenedWinSetupChildInit: Start child.
372f54.10dc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 8 ms.
373f54.10dc: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 59 sleeps
374f54.10dc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
375f54.10dc: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
376f54.10dc: *0000000000010000-0000000000010fff 0x0004/0x0004 0x0020000
377f54.10dc: 0000000000011000-000000000001ffff 0x0001/0x0000 0x0000000
378f54.10dc: *0000000000020000-0000000000020fff 0x0004/0x0004 0x0020000
379f54.10dc: 0000000000021000-000000000002ffff 0x0001/0x0000 0x0000000
380f54.10dc: *0000000000030000-000000000012bfff 0x0000/0x0004 0x0020000
381f54.10dc: 000000000012c000-000000000012dfff 0x0104/0x0004 0x0020000
382f54.10dc: 000000000012e000-000000000012ffff 0x0004/0x0004 0x0020000
383f54.10dc: *0000000000130000-0000000000134fff 0x0002/0x0002 0x0040000
384f54.10dc: 0000000000135000-0000000077ebffff 0x0001/0x0000 0x0000000
385f54.10dc: *0000000077ec0000-0000000077ec0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
386f54.10dc: 0000000077ec1000-0000000077fa5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
387f54.10dc: 0000000077fa6000-0000000077faefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
388f54.10dc: 0000000077faf000-0000000077ffbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll
389f54.10dc: 0000000077ffc000-000000007efdffff 0x0001/0x0000 0x0000000
390f54.10dc: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
391f54.10dc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
392f54.10dc: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
393f54.10dc: 000000007fff0000-000000013fffffff 0x0001/0x0000 0x0000000
394f54.10dc: *0000000140000000-0000000140000fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
395f54.10dc: 0000000140001000-0000000140071fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
396f54.10dc: 0000000140072000-0000000140072fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
397f54.10dc: 0000000140073000-00000001400b8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
398f54.10dc: 00000001400b9000-00000001400b9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
399f54.10dc: 00000001400ba000-00000001400bafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
400f54.10dc: 00000001400bb000-00000001400bffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
401f54.10dc: 00000001400c0000-00000001400c0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
402f54.10dc: 00000001400c1000-00000001400c1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
403f54.10dc: 00000001400c2000-00000001400c5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
404f54.10dc: 00000001400c6000-000000014010dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
405f54.10dc: 000000014010e000-000007fffffaffff 0x0001/0x0000 0x0000000
406f54.10dc: *000007fffffb0000-000007fffffd3fff 0x0002/0x0002 0x0040000
407f54.10dc: 000007fffffd4000-000007fffffdafff 0x0001/0x0000 0x0000000
408f54.10dc: *000007fffffdb000-000007fffffdcfff 0x0004/0x0004 0x0020000
409f54.10dc: *000007fffffdd000-000007fffffddfff 0x0004/0x0004 0x0020000
410f54.10dc: 000007fffffde000-000007fffffdffff 0x0001/0x0000 0x0000000
411f54.10dc: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
412f54.10dc: VirtualBox.exe: timestamp 0x5a15a474 (rc=VINF_SUCCESS)
413f54.10dc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
414f54.10dc: '\Device\HarddiskVolume1\WINDOWS\system32\ntdll.dll' has no imports
415f54.10dc: supR3HardNtChildPurify: Done after 526 ms and 0 fixes (loop #0).
416f54.10dc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000240000 LB 0x400000)
417f54.10dc: supR3HardNtEnableThreadCreation:
4184c4.368: Log file opened: 5.2.2r119230 g_hStartupLog=00000000000017fc g_uNtVerCombined=0x520ece00
4194c4.368: supR3HardenedVmProcessInit: uNtDllAddr=0000000077ec0000 g_uNtVerCombined=0x520ece00
4204c4.368: ntdll.dll: timestamp 0x4ecbcdb6 (rc=VINF_SUCCESS)
4214c4.368: New simple heap: #1 0000000000240000 LB 0x400000 (for 1294336 allocation)
4224c4.368: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
4234c4.368: System32: \Device\HarddiskVolume1\WINDOWS\system32
4244c4.368: WinSxS: \Device\HarddiskVolume1\WINDOWS\WinSxS
4254c4.368: KnownDllPath: C:\WINDOWS\system32
4264c4.368: supR3HardenedVmProcessInit: Opening vboxdrv...
4274c4.368: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4284c4.368: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4294c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll)
4304c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll
4314c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4324c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
4334c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
4344c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077d40000 'C:\WINDOWS\system32\kernel32.dll'
4354c4.368: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077ef24b0 pvNtTerminateThread=0000000077ef0960
436f54.10dc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 14 ms.
4374c4.368: \SystemRoot\System32\ntdll.dll:
4384c4.368: CreationTime: 2007-02-18T17:57:32.000000000Z
4394c4.368: LastWriteTime: 2011-11-23T06:18:26.000000000Z
4404c4.368: ChangeTime: 2017-11-16T02:41:15.125000000Z
4414c4.368: FileAttributes: 0x20
4424c4.368: Size: 0x135600
4434c4.368: NT Headers: 0xe0
4444c4.368: Timestamp: 0x4ecbcdb6
4454c4.368: Machine: 0x8664 - amd64
4464c4.368: Timestamp: 0x4ecbcdb6
4474c4.368: Image Version: 5.2
4484c4.368: SizeOfImage: 0x13c000 (1294336)
4494c4.368: Resource Dir: 0x10c000 LB 0x2e250
4504c4.368: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4514c4.368: [Raw version resource data: 0x10c0a0 LB 0x37c, codepage 0x0 (reserved 0x0)]
4524c4.368: ProductName: Microsoft® Windows® Operating System
4534c4.368: ProductVersion: 5.2.3790.4937
4544c4.368: FileVersion: 5.2.3790.4937 (srv03_sp2_gdr.111121-0236)
4554c4.368: FileDescription: NT Layer DLL
4564c4.368: \SystemRoot\System32\kernel32.dll:
4574c4.368: CreationTime: 2014-02-06T23:05:16.000000000Z
4584c4.368: LastWriteTime: 2014-02-06T23:05:16.000000000Z
4594c4.368: ChangeTime: 2017-11-16T03:13:51.984375000Z
4604c4.368: FileAttributes: 0x20
4614c4.368: Size: 0x172a00
4624c4.368: NT Headers: 0xf0
4634c4.368: Timestamp: 0x52f3550a
4644c4.368: Machine: 0x8664 - amd64
4654c4.368: Timestamp: 0x52f3550a
4664c4.368: Image Version: 5.2
4674c4.368: SizeOfImage: 0x176000 (1531904)
4684c4.368: Resource Dir: 0x107000 LB 0x6a6c8
4694c4.368: [Version info resource found at 0x13c8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4704c4.368: [Raw version resource data: 0x167f30 LB 0x3a0, codepage 0x0 (reserved 0x0)]
4714c4.368: ProductName: Microsoft® Windows® Operating System
4724c4.368: ProductVersion: 5.2.3790.5295
4734c4.368: FileVersion: 5.2.3790.5295 (srv03_sp2_qfe.140205-1447)
4744c4.368: FileDescription: Windows NT BASE API Client DLL
4754c4.368: Found driver aswVmm (0x4)
4764c4.368: Found driver aswRvrt (0x4)
4774c4.368: supR3HardenedWinFindAdversaries: 0x4
4784c4.368: \SystemRoot\System32\drivers\aswHwid.sys:
4794c4.368: CreationTime: 2017-11-16T04:47:30.156250000Z
4804c4.368: LastWriteTime: 2017-11-16T04:47:26.421875000Z
4814c4.368: ChangeTime: 2017-11-16T04:47:28.109375000Z
4824c4.368: FileAttributes: 0x20
4834c4.368: Size: 0xb7a0
4844c4.368: NT Headers: 0xe8
4854c4.368: Timestamp: 0x59f8a770
4864c4.368: Machine: 0x8664 - amd64
4874c4.368: Timestamp: 0x59f8a770
4884c4.368: Image Version: 6.0
4894c4.368: SizeOfImage: 0xa000 (40960)
4904c4.368: Resource Dir: 0x8000 LB 0x388
4914c4.368: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4924c4.368: [Raw version resource data: 0x8060 LB 0x324, codepage 0x0 (reserved 0x0)]
4934c4.368: ProductName: Avast Antivirus
4944c4.368: ProductVersion: 17.8.3698.0
4954c4.368: FileVersion: 17.8.3698.0
4964c4.368: FileDescription: Avast HWID
4974c4.368: \SystemRoot\System32\drivers\aswMonFlt.sys:
4984c4.368: CreationTime: 2017-11-16T04:47:30.171875000Z
4994c4.368: LastWriteTime: 2017-11-16T04:47:26.437500000Z
5004c4.368: ChangeTime: 2017-11-16T04:47:28.109375000Z
5014c4.368: FileAttributes: 0x20
5024c4.368: Size: 0x24340
5034c4.368: NT Headers: 0xf0
5044c4.368: Timestamp: 0x59f8ab9d
5054c4.368: Machine: 0x8664 - amd64
5064c4.368: Timestamp: 0x59f8ab9d
5074c4.368: Image Version: 6.0
5084c4.368: SizeOfImage: 0x28000 (163840)
5094c4.368: Resource Dir: 0x26000 LB 0x3b0
5104c4.368: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5114c4.368: [Raw version resource data: 0x26060 LB 0x34c, codepage 0x0 (reserved 0x0)]
5124c4.368: ProductName: Avast Antivirus
5134c4.368: ProductVersion: 17.8.3698.0
5144c4.368: FileVersion: 17.8.3698.0
5154c4.368: FileDescription: Avast File System Minifilter for Windows 2003/Vista
5164c4.368: \SystemRoot\System32\drivers\aswRvrt.sys:
5174c4.368: CreationTime: 2017-11-16T04:47:30.171875000Z
5184c4.368: LastWriteTime: 2017-11-16T04:47:26.437500000Z
5194c4.368: ChangeTime: 2017-11-16T04:47:28.109375000Z
5204c4.368: FileAttributes: 0x20
5214c4.368: Size: 0x149c0
5224c4.368: NT Headers: 0xf0
5234c4.368: Timestamp: 0x59f8a776
5244c4.368: Machine: 0x8664 - amd64
5254c4.368: Timestamp: 0x59f8a776
5264c4.368: Image Version: 6.0
5274c4.368: SizeOfImage: 0x13000 (77824)
5284c4.368: Resource Dir: 0x11000 LB 0x388
5294c4.368: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5304c4.368: [Raw version resource data: 0x11060 LB 0x328, codepage 0x0 (reserved 0x0)]
5314c4.368: ProductName: Avast Antivirus
5324c4.368: ProductVersion: 17.8.3698.0
5334c4.368: FileVersion: 17.8.3698.0
5344c4.368: FileDescription: Avast Revert
5354c4.368: \SystemRoot\System32\drivers\aswsp.sys:
5364c4.368: CreationTime: 2017-11-16T04:47:30.187500000Z
5374c4.368: LastWriteTime: 2017-11-16T04:47:34.328125000Z
5384c4.368: ChangeTime: 2017-11-16T04:47:34.328125000Z
5394c4.368: FileAttributes: 0x20
5404c4.368: Size: 0x6f2d0
5414c4.368: NT Headers: 0xe8
5424c4.368: Timestamp: 0x5a0ad3b2
5434c4.368: Machine: 0x8664 - amd64
5444c4.368: Timestamp: 0x5a0ad3b2
5454c4.368: Image Version: 6.0
5464c4.368: SizeOfImage: 0x71000 (462848)
5474c4.368: Resource Dir: 0x6f000 LB 0x378
5484c4.368: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5494c4.368: [Raw version resource data: 0x6f060 LB 0x318, codepage 0x0 (reserved 0x0)]
5504c4.368: ProductName: Avast Antivirus
5514c4.368: ProductVersion: 17.8.3705.249
5524c4.368: FileVersion: 17.8.3705.249
5534c4.368: FileDescription: Avast self protection module
5544c4.368: \SystemRoot\System32\drivers\aswVmm.sys:
5554c4.368: CreationTime: 2017-11-16T04:47:30.187500000Z
5564c4.368: LastWriteTime: 2017-11-16T04:47:26.468750000Z
5574c4.368: ChangeTime: 2017-11-16T04:47:28.109375000Z
5584c4.368: FileAttributes: 0x20
5594c4.368: Size: 0x58fb0
5604c4.368: NT Headers: 0xf0
5614c4.368: Timestamp: 0x59f8aba0
5624c4.368: Machine: 0x8664 - amd64
5634c4.368: Timestamp: 0x59f8aba0
5644c4.368: Image Version: 6.0
5654c4.368: SizeOfImage: 0x57000 (356352)
5664c4.368: Resource Dir: 0x54000 LB 0x390
5674c4.368: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5684c4.368: [Raw version resource data: 0x54060 LB 0x330, codepage 0x0 (reserved 0x0)]
5694c4.368: ProductName: Avast Antivirus
5704c4.368: ProductVersion: 17.8.3698.0
5714c4.368: FileVersion: 17.8.3698.0
5724c4.368: FileDescription: Avast VM Monitor
5734c4.368: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
5744c4.368: Calling main()
5754c4.368: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
5764c4.368: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
5774c4.368: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5784c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
5794c4.368: SUPR3HardenedMain: Final process, opening VBoxDrv...
5804c4.368: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000240000 LB 0x400000)
5814c4.368: supR3HardNtEnableThreadCreation:
5824c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
5834c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
5844c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
5854c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5864c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5874c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5884c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
5894c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5904c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5914c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
5924c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5934c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5944c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5954c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
5964c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
5974c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
5984c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
5994c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'imagehlp.dll'.
6004c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
6014c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll)
6024c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
6034c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6054c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6064c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'secur32.dll'.
6074c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll)
6084c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll
6094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imagehlp.dll'...
6104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'imagehlp.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll' [rcNtRedir=0xc0150008]
6114c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6124c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
6134c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll)
6144c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll
6154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6164c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
6174c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
6184c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\user32.dll)
6194c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\user32.dll
6204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll' [rcNtRedir=0xc0150008]
6224c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6234c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
6244c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
6254c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll)
6264c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll
6274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
6284c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll' [rcNtRedir=0xc0150008]
6294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
6304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6314c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
6324c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
6334c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
6344c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll)
6354c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll
6364c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6384c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
6394c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll)
6404c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll
6414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
6434c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll)
6444c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll
6454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6474c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
6484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6504c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
6514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll' [rcNtRedir=0xc0150008]
6534c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll [lacks WinVerifyTrust]
6544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
6564c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
6574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6584c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
6594c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
6604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6624c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
6634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
6654c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
6664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6684c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
6694c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
6714c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
6724c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
6744c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
6754c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll)
6764c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
6774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6784c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6794c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
6804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
6824c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
6834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
6844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
6854c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6864c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll)
6874c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
6884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6904c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
6914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
6934c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
6944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
6964c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
6974c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
6984c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll [lacks WinVerifyTrust]
6994c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll [lacks WinVerifyTrust]
7004c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll [lacks WinVerifyTrust]
7014c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll [lacks WinVerifyTrust]
7024c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
7034c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
7044c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
7054c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll)
7064c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll
7074c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll [lacks WinVerifyTrust]
7084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
7104c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
7114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7124c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
7134c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll [lacks WinVerifyTrust]
7144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
7164c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
7174c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7184c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll [lacks WinVerifyTrust]
7194c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll [lacks WinVerifyTrust]
7204c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7d500000 'C:\WINDOWS\system32\IMM32.DLL'
7214c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
7224c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7234c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077d40000 'C:\WINDOWS\system32\kernel32.dll'
7244c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\Wintrust.dll'
7254c4.368: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\bcrypt.dll': 127 (NtPath=\??\C:\WINDOWS\system32\bcrypt.dll; Input=C:\WINDOWS\system32\bcrypt.dll; rcNtGetDll=0x0
7264c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\bcrypt.dll'
7274c4.368: Warning! Failed to load bcrypt.dll
7284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
7304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'psapi.dll'.
7314c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
7324c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\rsaenh.dll)
7334c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rsaenh.dll
7344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
7364c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
7374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
7384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll' [rcNtRedir=0xc0150008]
7394c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll)
7404c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\psapi.dll
7414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
7434c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
7444c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
7464c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
7474c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (Input=rsaenh.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7484c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rsaenh.dll [lacks WinVerifyTrust]
7494c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rsaenh.dll [lacks WinVerifyTrust]
7504c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\psapi.dll [lacks WinVerifyTrust]
7514c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll [lacks WinVerifyTrust]
7524c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7534c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff48230000 'C:\WINDOWS\system32\crypt32.dll'
7544c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000068000000 'C:\WINDOWS\system32\rsaenh.dll'
7554c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll [lacks WinVerifyTrust]
7564c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7574c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.DLL'
7584c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll [lacks WinVerifyTrust]
7594c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7604c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff48230000 'C:\WINDOWS\system32\CRYPT32.dll'
7614c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7624c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
7634c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
7644c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
7654c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll)
7664c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
7674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7684c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
7694c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
7704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7714c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
7724c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll [lacks WinVerifyTrust]
7734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
7754c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
7764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
7784c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
7794c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7804c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7814c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7824c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
7834c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7844c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7854c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
7864c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7874c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7884c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
7894c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7904c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7914c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
7924c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll [lacks WinVerifyTrust]
7934c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7944c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
7954c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll [lacks WinVerifyTrust]
7964c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644f10:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
7974c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077d40000 'C:\WINDOWS\system32\kernel32.dll'
7984c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7994c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
8004c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8014c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
8024c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\userenv.dll)
8034c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll
8044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
8064c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
8074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8094c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
8104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
8124c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
8134c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
8154c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
8164c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (Input=userenv.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8174c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8184c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8194c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
8204c4.6c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8214c4.6c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (Input=userenv.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8224c4.6c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
8234c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
8244c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\version.dll)
8254c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\version.dll
8264c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
8284c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
8294c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\VERSION.dll (Input=VERSION.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8304c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\version.dll [lacks WinVerifyTrust]
8314c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\version.dll [lacks WinVerifyTrust]
8324c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fbf0000 'C:\WINDOWS\system32\VERSION.dll'
8334c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8344c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (Input=userenv.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8354c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
8364c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8374c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (Input=userenv.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8384c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
8394c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8404c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (Input=userenv.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8414c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
8424c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
8434c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8444c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fd30000 'C:\WINDOWS\system32\rpcrt4.dll'
8454c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8464c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
8474c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
8484c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll)
8494c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
8504c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8524c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
8534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
8554c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
8564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
8584c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
8594c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\netapi32.dll (Input=netapi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
8604c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll [lacks WinVerifyTrust]
8614c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll [lacks WinVerifyTrust]
8624c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77370000 'C:\WINDOWS\system32\netapi32.dll'
8634c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8644c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
8654c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
8664c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'wldap32.dll'.
8674c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sensapi.dll'.
8684c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
8694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'userenv.dll'.
8704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'psapi.dll'.
8714c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll)
8724c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll
8734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
8744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll' [rcNtRedir=0xc0150008]
8754c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\psapi.dll [lacks WinVerifyTrust]
8764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
8774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\userenv.dll' [rcNtRedir=0xc0150008]
8784c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll [lacks WinVerifyTrust]
8794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
8804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
8814c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
8824c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
8834c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
8844c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8854c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll)
8864c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
8874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sensapi.dll'...
8884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'sensapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll' [rcNtRedir=0xc0150008]
8894c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8904c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
8914c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll)
8924c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll
8934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
8944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll' [rcNtRedir=0xc0150008]
8954c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8964c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
8974c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll)
8984c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
8994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
9004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll' [rcNtRedir=0xc0150008]
9014c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll [lacks WinVerifyTrust]
9024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9034c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
9044c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
9054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9064c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
9074c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
9084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
9104c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
9114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9124c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
9134c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
9144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9164c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
9174c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
9194c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
9204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
9224c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
9234c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9244c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
9254c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
9264c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
9284c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
9294c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
9314c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll [lacks WinVerifyTrust]
9324c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9334c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9344c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9354c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll [lacks WinVerifyTrust]
9364c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9374c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9384c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9394c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9404c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9414c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9424c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9434c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9444c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9454c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9464c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9474c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9484c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9494c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9504c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9514c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9524c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006d03b0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9534c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9544c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9554c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9564c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9574c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9584c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9594c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9604c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll [lacks WinVerifyTrust]
9614c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9624c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff79690000 'C:\WINDOWS\system32\cryptnet.dll'
9634c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9644c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
9654c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
9664c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
9674c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
9684c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll)
9694c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
9704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9714c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
9724c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
9734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9754c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
9764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
9784c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll [lacks WinVerifyTrust]
9794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
9814c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
9824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
9844c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
9854c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
9864c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll [lacks WinVerifyTrust]
9874c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll [lacks WinVerifyTrust]
9884c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
9894c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
9904c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll)
9914c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll
9924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
9944c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9954c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
9964c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
9974c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
9984c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
9994c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll)
10004c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
10014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10034c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll [lacks WinVerifyTrust]
10044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
10064c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll [lacks WinVerifyTrust]
10074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
10094c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll [lacks WinVerifyTrust]
10104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
10124c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll [lacks WinVerifyTrust]
10134c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
10154c4.368: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll [lacks WinVerifyTrust]
10164c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006cb430:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
10174c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll [lacks WinVerifyTrust]
10184c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll [lacks WinVerifyTrust]
10194c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7b5e0000 'C:\WINDOWS\system32\Cabinet.dll'
10204c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
10214c4.368: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006eace0
10224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A814B0393925AC49ED80B6DAE7E868554D2384D1
10244c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2644615.cat'; file='\SystemRoot\System32\ntdll.dll'
10254c4.368: g_pfnWinVerifyTrust=000007ff7e3e1950
10264c4.368: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll [redoing WinVerifyTrust]
10274c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001718 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll
10284c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10294c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10304c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A75E4863B333DA3AAD275A8485CF727A8FAB779D
10314c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2868626.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll'
10324c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10334c4.368: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll'
10344c4.368: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll [redoing WinVerifyTrust]
10354c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001734 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
10364c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10374c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10384c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=79678CDBE37701648D1CADF36E55DF993B24B74F
10394c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2749655.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll'
10404c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10414c4.368: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll'
10424c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014ac pwszName=\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
10434c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10444c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10454c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2EBFEE4CF65D025CEAB94D7EB9300D8C42DFDB7
10464c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2876217.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll'
10474c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10484c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll'
10494c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014b0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll
10504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10524c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4C7536B7C9F3A71469224555920A0F072B30DF46
10534c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll'
10544c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10554c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\cabinet.dll'
10564c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014cc pwszName=\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
10574c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10584c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10594c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F18A6F9EC7D9907CF4EB2965DEC9A48853A0284C
10604c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll'
10614c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10624c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll'
10634c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014e0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
10644c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10654c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10664c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7410EFE272878BED94C69D364D81560CA3255425
10674c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll'
10684c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10694c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll'
10704c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014e4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll
10714c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10724c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10734c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=56AB497A0BD1E737CDF0AB39ABB45845DA6E865B
10744c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll'
10754c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10764c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\sensapi.dll'
10774c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014e8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
10784c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10794c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10804c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=352B62B9CA70A1CE77D2C1A4CD3AEBE8524662C2
10814c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975713.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll'
10824c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10834c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll'
10844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000014ec pwszName=\Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll
10854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10864c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10874c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=486D0807DF7D7222DF13DFABEA495F006A66CEE6
10884c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll'
10894c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10904c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\cryptnet.dll'
10914c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001570 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
10924c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
10934c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
10944c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1F8FCC7684971338F9DA8E204FEE30579937219
10954c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2705219-v2.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll'
10964c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10974c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll'
10984c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000015f4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\version.dll
10994c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11004c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11014c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A5D007AC55A87C39E1D932042091885CCF00AEC
11024c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\version.dll'
11034c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11044c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\version.dll'
11054c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000164c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\userenv.dll
11064c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11074c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11084c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6088D34FA83A0611AC9A46D60B2FED10B457BA19
11094c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\userenv.dll'
11104c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11114c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\userenv.dll'
11124c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000016a8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
11134c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11144c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11154c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E5CE54180F6016FA244A2322F05230AC76CDAB03
11164c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll'
11174c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11184c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll'
11194c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000016bc pwszName=\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll
11204c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11214c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A45C8B674BC3CFB19A7BFC1B911F4FB848D1EC63
11234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll'
11244c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11254c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll'
11264c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\rsaenh.dll'
11274c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000016f4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll
11284c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11294c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11304c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C09172E236E692E0BCA3BFD47724E4667C0D6EFB
11314c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll'
11324c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11334c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll'
11344c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001708 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
11354c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11364c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11374c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7A606FA514533FFA3F160B18588FAE5936AC4A4A
11384c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968389.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll'
11394c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11404c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll'
11414c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000170c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
11424c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11434c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11444c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9F71905BEBFA564E434355FE8383BBE317B0BEE7
11454c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2876331.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll'
11464c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11474c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll'
11484c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001710 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll
11494c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFC2009DC6642063557E398E52303C4D80B6500E
11524c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll'
11534c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11544c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll'
11554c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001714 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll
11564c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11574c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11584c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=47BE75411291EE9C43CD9D8A98D758F9F53ABEDC
11594c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll'
11604c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11614c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll'
11624c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000171c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll
11634c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11644c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11654c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3159113D7E2E0DA90462B406551DCBEE06513DF7
11664c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974571.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll'
11674c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11684c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\msasn1.dll'
11694c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001720 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\user32.dll
11704c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11714c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11724c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B9F0F25C11A9D99EB8539E30F52B9BA84683A26C
11734c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925902.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\user32.dll'
11744c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11754c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll'
11764c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001724 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll
11774c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11784c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11794c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=48018BBBD3FE0A78B900B24A0B3059C2BDFEAF15
11804c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2893294.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll'
11814c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11824c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\imagehlp.dll'
11834c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001728 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll
11844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11864c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFEE5CCAFB6FCFC53A7C826E4C55FB74E3C869FC
11874c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2898715.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll'
11884c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11894c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll'
11904c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
11914c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000017d8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll
11924c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
11934c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
11944c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E2485DA72D4E36A2ECA19E72CC0C2C420CB0217B
11954c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2922229.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll'
11964c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11974c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll'
11984c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll
11994c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
12004c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff48230000 'C:\WINDOWS\system32\crypt32.dll'
12014c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
12024c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
12034c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
12044c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
12054c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
12064c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x3c0043239a65bd00 C=FR, O=Certplus, CN=Class 3TS Primary CA
12074c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xfefb81851ded9800 C=MX, CN=Autoridad Certificadora del Colegio Nacional de Correduria Publica Mexicana, A.C., O=Colegio Nacional de Correduria Publica Mexicana, A.C.
12084c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd9e629afec17ef00 C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=United Parcel Service, CN=DST (UPS) RootCA, Email=ca@digsigtrust.com
12094c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xa6ba96b8897a8259 L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
12104c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8404841a381f9f63 C=ES, ST=Barcelona, L=Barcelona, O=Fundacion FESTE, CN=FESTE, Verified Certs, Email=feste@feste.org
12114c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xaf25238a616cb0ec C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Expressz (Class C) Tanusitvanykiado
12124c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
12134c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
12144c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x79e5fa129075bd8e C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root
12154c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
12164c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x93de77b717bc192f C=US, O=Equifax Secure Inc., CN=Equifax Secure eBusiness CA-1
12174c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
12184c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd94cd06e3094b700 C=FR, O=Certplus, CN=Class 3 Primary CA
12194c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd30db27b36d6632f C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 4 CA, Email=certificate@trustcenter.de
12204c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
12214c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x27987caecfd64e64 C=BR, ST=Rio de Janeiro, L=Rio de Janeiro, O=Certisign Certificadora Digital Ltda., OU=Certisign Autoridade Certificadora AC3S
12224c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x31ae72c74210188 C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12234c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd350fa779bacd900 C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=National Retail Federation, CN=DST (NRF) RootCA, Email=ca@digsigtrust.com
12244c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x1c29714b0c909400 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA1
12254c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
12264c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x12e3130f8d4bf71d C=US, O=Digital Signature Trust Co., OU=DST-Entrust GTI CA
12274c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x3da5e7b626c6d200 C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X1, CN=DST RootCA X1, Email=ca@digsigtrust.com
12284c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x267184556bd9ee00 C=MX, CN=Autoridad Certificadora de la Asociacion Nacional del Notariado Mexicano, A.C., O=Asociacion Nacional del Notariado Mexicano, A.C.
12294c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x31ae72c74210188 C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12304c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x4f0fd52da765ca7a L=Internet, O=VeriSign, Inc., OU=VeriSign Individual Software Publishers CA
12314c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xab7df2a48539b200 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email
12324c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
12334c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xf44cbb0f8c74bc00 C=HU, ST=Hungary, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado
12344c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x181333ef92178f93 C=US, O=Digital Signature Trust Co., OU=DSTCA E2
12354c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
12364c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8083236a0da38b5a C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
12374c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xb879433db3ccbc00 C=US, O=Digital Signature Trust Co., CN=Baltimore EZ by DST, Mail=ca@digsigtrust.com
12384c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xe98c039c6a36e44b C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Time Stamping CA, CN=TC TrustCenter Time Stamping CA
12394c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xec8d0d2e0535c1b4 C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 3 CA, Email=certificate@trustcenter.de
12404c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xf444417a00c9bdd C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 1
12414c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
12424c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12434c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
12444c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x4f0fd52da765ca7a L=Internet, O=VeriSign, Inc., OU=VeriSign Individual Software Publishers CA
12454c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
12464c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x7c717c98dbba4fe6 C=US, O=GTE Corporation, CN=GTE CyberTrust Root
12474c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x992d6156a36dbf19 C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
12484c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x6a592bec2f2ab200 C=UY, O=ADMINISTRACION NACIONAL DE CORREOS, OU=SERVICIOS ELECTRONICOS, CN=SERVICIOS DE CERTIFICACION - A.N.C., Mail=correo_cert@correo.com.uy
12494c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
12504c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x236696801e5e9900 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA3
12514c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
12524c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8fc223a020ec04ea C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Uzleti (Class B) Tanusitvanykiado
12534c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
12544c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12554c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8371290032ede838 C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 2 CA, Email=certificate@trustcenter.de
12564c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xdd241e34cfa9816c C=US, O=Digital Signature Trust Co., OU=DSTCA E1
12574c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5534b165029017e7 C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
12584c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x435579e011d3b100 C=US, ST=DC, L=Washington, O=ABA.ECOM, INC., CN=ABA.ECOM Root CA, Email=admin@digsigtrust.com
12594c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x992d6156a36dbf19 C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
12604c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x99a5d5a058801148 C=US, O=Digital Signature Trust Co., OU=DST (ANX Network) CA
12614c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
12624c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
12634c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
12644c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xb6d7aeb376b4eb29 C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 1 CA, Email=certificate@trustcenter.de
12654c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xaec72ec8296bc300 C=FR, O=Certplus, CN=Class 1 Primary CA
12664c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x6b1d5e81c965198 L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
12674c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xf7bfb4de1854ad00 C=US, ST=Utah, L=Salt Lake City, O=Xcert EZ by DST, CN=Xcert EZ by DST, Email=ca@digsigtrust.com
12684c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
12694c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9675c08cf075dc00 C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X2, CN=DST RootCA X2, Email=ca@digsigtrust.com
12704c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8083236a0da38b5a C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
12714c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x48f1013ae27eb000 C=NL, O=PTT Post, OU=KeyMail, CN=PTT Post Root CA, Mail=ca@ptt-post.nl
12724c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
12734c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
12744c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x12d327cc0bc1db00 C=IT, O=SIA S.p.A., L=Milano, CN=SIA Secure Server CA
12754c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5536e4a191fbb300 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Network Applications
12764c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9c288b4941d93b41 O=EUnet International, CN=EUnet International Root CA
12774c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
12784c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xec5f3f9083ccd483 C=BR, O=Certisign Certificadora Digital Ltda., OU=Certisign - Autoridade Certificadora - AC4
12794c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
12804c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9456d690eba5cc30 C=BR, O=Certisign Certificadora Digital Ltda., OU=Certisign - Autoridade Certificadora - AC2
12814c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xc54d6a4fd5b3b9d9 C=be, O=Belgacom, OU=MTM, CN=Belgacom E-Trust Primary CA, Mail=info@e-trust.be
12824c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
12834c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x52e0d6dc2904e700 C=FI, L=Helsinki, O=Saunalahden Serveri Oy, CN=Saunalahden Serveri CA, Email=gold-certs@saunalahti.fi
12844c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5263666a6040b0fc C=IT, O=SIA S.p.A., L=Milano, CN=SIA Secure Client CA
12854c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
12864c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x89aa5a3e83aec17a C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
12874c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xfe3e3d933619ad3f C=ES, O=FNMT, OU=FNMT Clase 2 CA
12884c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xc7e1e7c92e9bf383 C=ES, ST=Barcelona, L=Barcelona, O=Fundacion FESTE, CN=FESTE, Public Notary Certs, Email=feste@feste.org
12894c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x824f50c06d5393bc C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA, Email=personal-basic@thawte.com
12904c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x40a4bfb9091e141c C=US, O=First Data Digital Certificates Inc., CN=First Data Digital Certificates Inc. Certification Authority
12914c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5485aec4f9cfe4f0 C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12924c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x281b06521e933939 C=US, O=Equifax Secure, OU=Equifax Secure eBusiness CA-2
12934c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x8cb9cf4407f8d966 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA, Email=personal-premium@thawte.com
12944c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
12954c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
12964c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
12974c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd483b82d16bebad0 C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12984c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xdc8eea399f74524f C=ES, ST=BARCELONA, L=BARCELONA, O=IPS Seguridad CA, OU=Certificaciones, CN=IPS SERVIDORES, Email=ips@mail.ips.es
12994c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
13004c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
13014c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x419b60ebff37ab00 C=FR, O=Certplus, CN=Class 3P Primary CA
13024c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x715b6494b0d4d769 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Freemail CA, Email=personal-freemail@thawte.com
13034c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x366c87bc8c77d200 C=FI, L=Helsinki, O=Saunalahden Serveri Oy, CN=Saunalahden Serveri CA, Email=silver-certs@saunalahti.fi
13044c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x5485aec4f9cfe4f0 C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
13054c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xd483b82d16bebad0 C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
13064c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
13074c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
13084c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0xdf603f23927b9600 C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA2
13094c4.368: supR3HardenedWinIsDesiredRootCA: Adding 0x9bf841c5a3eb95c0 C=BR, O=Certisign Certificadora Digital Ltda., OU=Certisign Autoridade Certificadora AC1S
13104c4.368: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=109
13114c4.368: SUPR3HardenedMain: Load Runtime...
13124c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13134c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
13144c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
13154c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
13164c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
13174c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13194c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
13224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001428 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
13234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
13244c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
13254c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4016BAC954F50076B90EBF9D0973CDC62FE78A06
13264c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll'
13274c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ws2help.dll'.
13304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
13314c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll) WinVerifyTrust
13324c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
13334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13354c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13364c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
13374c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
13384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13394c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13404c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
13414c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
13424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13434c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13444c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
13454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
13474c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll
13484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2help.dll'...
13494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2help.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll' [rcNtRedir=0xc0150008]
13504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000143c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll
13514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
13524c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
13534c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F1A4D78CA120951714E1EE5412D6EBA2D6CF315
13544c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll'
13554c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
13574c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
13584c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll) WinVerifyTrust
13594c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll
13604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
13624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
13644c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll
13654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
13674c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000644c90:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13684c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13694c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13704c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
13714c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
13724c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
13734c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2help.dll
13744c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13754c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13764c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13774c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13784c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13794c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13804c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13814c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13824c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13834c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13844c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13854c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13864c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13874c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13884c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13894c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
13904c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
13914c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13924c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13934c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13944c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13954c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13964c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13974c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13984c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13994c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14004c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
14014c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14024c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14034c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14044c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14054c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14064c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14074c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14084c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14094c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14104c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14114c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14124c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14134c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14144c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14154c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14164c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14174c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
14184c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
14194c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14204c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14214c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14224c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004120000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14234c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
14244c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
14254c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\Wintrust.dll'
14264c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll
14274c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
14284c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff48230000 'C:\WINDOWS\system32\crypt32.dll'
14294c4.368: SUPR3HardenedMain: Load TrustedMain...
14304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
14314c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
14324c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
14334c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
14344c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
14354c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
14364c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
14374c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
14384c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
14394c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
14404c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
14414c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
14424c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
14434c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
14444c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
14454c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
14464c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
14474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
14484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
14494c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001394 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
14504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
14514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
14524c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F9099975930838AACBF8D361C080C87F76EF26E7
14534c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2598479.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll'
14544c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14554c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
14574c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
14584c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll) WinVerifyTrust
14594c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
14604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
14624c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001384 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
14634c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
14644c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
14654c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2360237094E59ED695E371B754A9CE2E689C21AB
14664c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2476490.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll'
14674c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14684c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14714c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
14724c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
14734c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
14744c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll) WinVerifyTrust
14754c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
14764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
14784c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
14794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
14814c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001380 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
14824c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
14834c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
14844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=52BBEAC4CBF8ACB908FE29C1C2558DDDF8A58BAC
14854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2691442.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll'
14864c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14874c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14884c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14894c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14904c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
14914c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
14924c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
14934c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll) WinVerifyTrust
14944c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
14954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
14974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
14994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
15004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
15014c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
15024c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
15034c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
15044c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
15054c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
15064c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
15074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
15084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
15094c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15104c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15114c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
15124c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
15134c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
15144c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
15154c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
15164c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
15174c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
15184c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
15194c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
15204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
15214c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15224c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15234c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
15244c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
15254c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
15264c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15274c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15284c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
15294c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
15304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15314c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15324c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
15334c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
15344c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15354c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15364c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
15374c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15384c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15394c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
15404c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15434c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15444c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
15454c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
15464c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
15474c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
15484c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
15494c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
15504c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
15514c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
15524c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15554c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
15564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15584c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
15594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll' [rcNtRedir=0xc0150008]
15634c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001348 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll
15644c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
15654c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
15664c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D9697DC3B53F184C0FA06076B0DED9AD7D3C3C0A
15674c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll'
15684c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
15714c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
15724c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
15734c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
15744c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
15754c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll) WinVerifyTrust
15764c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll
15774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15784c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
15794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
15804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll' [rcNtRedir=0xc0150008]
15814c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001358 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll
15824c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
15834c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
15844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=65C2F9A247B22AC4CD2D4743A3797AB62EEDF073
15854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll'
15864c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15874c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
15884c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'dciman32.dll'.
15894c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15904c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
15914c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
15924c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll) WinVerifyTrust
15934c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll
15944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
15954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\glu32.dll' [rcNtRedir=0xc0150008]
15964c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000135c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\glu32.dll
15974c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
15984c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
15994c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EE4458F5881EDD53A1F314FC183F4E50D5CABF7
16004c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\glu32.dll'
16014c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16024c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16034c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
16044c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16054c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\glu32.dll) WinVerifyTrust
16064c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\glu32.dll
16074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
16094c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
16104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
16124c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16134c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
16144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16164c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
16174c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16194c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
16204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
16214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\mpr.dll' [rcNtRedir=0xc0150008]
16224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001340 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\mpr.dll
16234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
16244c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
16254c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=473E3191E40352EA49B7F408E0FDB1CA9C3D1C96
16264c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\mpr.dll'
16274c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
16294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16304c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\mpr.dll) WinVerifyTrust
16314c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\mpr.dll
16324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
16334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
16344c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
16354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16364c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
16374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
16394c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
16404c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
16414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
16424c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
16434c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16444c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
16454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16474c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
16484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16504c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
16514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16534c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
16564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
16584c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
16594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll' [rcNtRedir=0xc0150008]
16614c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll
16624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
16644c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
16654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16674c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
16684c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16694c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16704c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
16714c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
16724c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
16734c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
16744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16754c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16764c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16784c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16794c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
16824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
16844c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
16854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16864c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16874c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
16884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
16894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\comdlg32.dll' [rcNtRedir=0xc0150008]
16904c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001354 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\comdlg32.dll
16914c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
16924c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
16934c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=12435DB6C9B8872A867319025D9609019412EC18
16944c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\comdlg32.dll'
16954c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16964c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16974c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
16984c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
16994c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
17004c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
17014c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'comctl32.dll'.
17024c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shell32.dll'.
17034c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\comdlg32.dll) WinVerifyTrust
17044c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\comdlg32.dll
17054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
17064c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\WINDOWS\system32\winspool.drv' [rcNtRedir=0xc0150008]
17074c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001338 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\winspool.drv
17084c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
17094c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
17104c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1E6DEBFC2DAC8A03720B813B25547ABB65A597F5
17114c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\winspool.drv'
17124c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17134c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17144c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
17154c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
17164c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
17174c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
17184c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\winspool.drv) WinVerifyTrust
17194c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\winspool.drv
17204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17224c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
17234c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17244c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17254c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
17264c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17284c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
17294c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
17314c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll
17324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
17344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17364c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
17374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17394c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
17404c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17424c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
17434c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17444c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17454c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
17464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
17494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
17504c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
17514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
17534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
17554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
17574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17584c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
17594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
17634c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
17644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
17664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
17684c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17694c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
17704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17714c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
17724c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17754c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
17764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
17784c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
17804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
17824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
17864c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
17884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
17904c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
17914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
17924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\comctl32.dll' [rcNtRedir=0x0]
17934c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001368 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\comctl32.dll
17944c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
17954c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
17964c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4DD2B7E70CB28A2B062CCE994D065498015E7777
17974c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2864058.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\comctl32.dll'
17984c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17994c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
18004c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18014c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18024c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\comctl32.dll) WinVerifyTrust
18034c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\comctl32.dll
18044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
18064c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
18084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
18124c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
18134c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
18154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18164c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18174c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
18194c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
18224c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll' [rcNtRedir=0xc0150008]
18234c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll
18244c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18254c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
18264c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18284c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18294c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
18304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18314c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
18324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
18334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll' [rcNtRedir=0xc0150008]
18344c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001350 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll
18354c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
18364c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
18374c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=81565DD69E159F9781F5BFF7E269538625E580E2
18384c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll'
18394c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18404c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
18414c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
18424c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18434c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll) WinVerifyTrust
18444c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll
18454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
18474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18504c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
18514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
18534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
18574c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll
18584c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
18604c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
18614c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
18624c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
18634c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\opengl32.dll
18644c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\glu32.dll
18654c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ddraw.dll
18664c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\dciman32.dll
18674c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
18684c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
18694c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
18704c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
18714c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winspool.drv
18724c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
18734c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18744c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18754c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_04280519\comctl32.dll)
18764c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_04280519\comctl32.dll
18774c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
18784c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
18794c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_04280519\comctl32.dll'.
18804c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_04280519\comctl32.dll' [rescheduled]
18814c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
18824c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18834c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
18844c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
18854c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shlwapi.dll'.
18864c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
18874c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll)
18884c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
18894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18904c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
18914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
18934c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
18944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
18964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
18984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
19004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
19024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19034c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
19044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
19064c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
19074c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [avoiding WinVerifyTrust]
19084c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [avoiding WinVerifyTrust]
19094c4.368: supR3HardenedScreenImage/NtCreateSection: Applying the drop-exec-kludge for '\Device\HarddiskVolume1\WINDOWS\WindowsShell.Manifest'
19104c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
19114c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
19124c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll' [rescheduled]
19134c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll
19144c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
19154c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7d500000 'C:\WINDOWS\system32\imm32.dll'
19164c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fee0000 'C:\WINDOWS\system32\ADVAPI32.DLL'
19174c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000004e40000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
19184c4.368: SUPR3HardenedMain: Calling TrustedMain (0000000004e414f0)...
19194c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
19204c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
19214c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
19224c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
19234c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
19244c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
19254c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
19264c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
19274c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
19284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
19294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
19304c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
19314c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
19324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
19354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
19364c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
19374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19394c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
19404c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
19424c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll
19434c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
19444c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
19454c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
19464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
19484c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
19494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
19504c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
19514c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
19524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
19534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll' [rcNtRedir=0xc0150008]
19544c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll
19554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
19574c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19584c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
19594c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
19604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
19624c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
19634c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
19644c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
19654c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006aa0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
19664c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19674c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
19684c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
19694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
19704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
19714c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'secur32.dll'.
19724c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\rpcss.dll)
19734c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rpcss.dll
19744c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012f0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\rpcss.dll
19754c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
19764c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
19774c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EE4C8CC28CD0062A7F307C8885086D4191E21CE6
19784c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\rpcss.dll'
19794c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19804c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\rpcss.dll'
19814c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012f4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
19824c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
19834c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
19844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41B1EC68242F6095B1A0F1F9717F3869AE2CFE93
19854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll'
19864c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19874c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19884c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19894c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
19904c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
19914c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll) WinVerifyTrust
19924c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
19934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
19954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
19974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
19994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
20014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
20024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
20034c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
20044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
20064c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
20084c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
20094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
20114c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20124c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20134c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
20154c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002eb9ec0:C:\WINDOWS\system32;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
20164c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
20174c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
20184c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7a410000 'C:\WINDOWS\system32\MSCTF.dll'
20194c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'shlwapi.dll'.
20204c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
20214c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
20224c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shell32.dll'.
20234c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'psapi.dll'.
20244c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'version.dll'.
20254c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
20264c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msimg32.dll'.
20274c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'wtsapi32.dll'.
20284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'winmm.dll'.
20294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'uxtheme.dll'.
20304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
20314c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'powrprof.dll'.
20324c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll) WinVerifyTrust
20334c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
20344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
20354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll' [rcNtRedir=0xc0150008]
20364c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012e4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll
20374c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
20384c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
20394c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D87B1CE53ABA4D0F79E6C950F79D9C38B6F33468
20404c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll'
20414c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20424c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
20434c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
20444c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll) WinVerifyTrust
20454c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll
20464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
20484c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
20494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
20504c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll' [rcNtRedir=0xc0150008]
20514c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
20524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
20534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
20544c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
20554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
20564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll' [rcNtRedir=0xc0150008]
20574c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012b8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll
20584c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
20594c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
20604c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA56733FF832D3AA3F9FBA6279A652677906077A
20614c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll'
20624c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20634c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20644c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'winsta.dll'.
20654c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
20664c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
20674c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
20684c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll) WinVerifyTrust
20694c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll
20704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msimg32.dll'...
20714c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msimg32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll' [rcNtRedir=0xc0150008]
20724c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012bc pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll
20734c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
20744c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
20754c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=76B20D3FFD5E52A5FD9C92FDF696E87650E7BC1F
20764c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll'
20774c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20784c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
20794c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll) WinVerifyTrust
20804c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll
20814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
20834c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
20844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
20854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\version.dll' [rcNtRedir=0xc0150008]
20864c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\version.dll
20874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
20884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll' [rcNtRedir=0xc0150008]
20894c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\psapi.dll
20904c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
20914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
20924c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
20934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
20954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
20974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
20984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
20994c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
21004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
21024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21034c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
21064c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll
21074c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21084c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
21094c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winsta.dll'...
21104c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winsta.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winsta.dll' [rcNtRedir=0xc0150008]
21114c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012ac pwszName=\Device\HarddiskVolume1\WINDOWS\system32\winsta.dll
21124c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
21134c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
21144c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=85EB30CBAC38ED920B54DE86316DFE2A12F5A6AB
21154c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\winsta.dll'
21164c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21174c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21184c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
21194c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'netapi32.dll'.
21204c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
21214c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\winsta.dll) WinVerifyTrust
21224c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\winsta.dll
21234c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21244c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
21254c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21264c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
21274c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21284c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
21294c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
21314c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
21324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
21334c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
21344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21364c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll
21374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
21394c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\nview\nview64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006e7e00:C:\Program Files\NVIDIA Corporation\nview;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
21404c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
21414c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
21424c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msimg32.dll
21434c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll
21444c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winsta.dll
21454c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\powrprof.dll
21464c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
21474c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\nview\nview64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
21484c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006c20000 'C:\Program Files\NVIDIA Corporation\nview\nview64.dll'
21494c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
21504c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\nview\nview64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
21514c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006c20000 'C:\Program Files\NVIDIA Corporation\nview\nview64.dll'
21524c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll'.
21534c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21544c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
21554c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
21564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
21574c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
21584c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'samlib.dll'.
21594c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
21604c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll)
21614c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll
21624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
21644c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
21654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'samlib.dll'...
21664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'samlib.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll' [rcNtRedir=0xc0150008]
21674c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll'.
21684c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
21704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
21714c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll)
21724c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\samlib.dll
21734c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
21744c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll' [rcNtRedir=0xc0150008]
21754c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
21764c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21774c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
21784c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
21824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
21844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21864c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
21884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
21904c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll
21914c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\NTMARTA.DLL (Input=NTMARTA.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
21924c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll [avoiding WinVerifyTrust]
21934c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll [avoiding WinVerifyTrust]
21944c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\samlib.dll [avoiding WinVerifyTrust]
21954c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e4c0000 'C:\WINDOWS\system32\NTMARTA.DLL'
21964c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll'.
21974c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll' [rescheduled]
21984c4.368: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll'.
21994c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\WINDOWS\system32\ntmarta.dll' [rescheduled]
22004c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
22014c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\nview\nview64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22024c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006c20000 'C:\Program Files\NVIDIA Corporation\nview\nview64.dll'
22034c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\nView64.dll
22044c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\nview\nview64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22054c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006c20000 'C:\Program Files\NVIDIA Corporation\nview\nview64.dll'
22064c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
22074c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22084c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f190000 'C:\WINDOWS\system32\Shell32.dll'
22094c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
22104c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22114c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f190000 'C:\WINDOWS\system32\Shell32.dll'
22124c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shell32.dll
22134c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22144c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f190000 'C:\WINDOWS\system32\Shell32.dll'
22154c4.368: Detected loader lock ownership: rc=Unknown Status -23021 (0xffffa613) '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll'.
22164c4.368: supHardenedWinVerifyImageByHandle: -> -23021 (\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll)
22174c4.368: Error (rc=0):
22184c4.368: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll: None of the 1 path(s) have a trust anchor.: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll
22194c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll
22204c4.368: Error (rc=0):
22214c4.368: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll' (C:\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll): rcNt=0xc0000190
22224c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\NVIDIA Corporation\nview\NVWRSENU.dll'
22234c4.368: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\NVWRSENU.dll': 0 (NtPath=\??\C:\WINDOWS\system32\NVWRSENU.dll; Input=C:\WINDOWS\system32\NVWRSENU.dll; rcNtGetDll=0x0
22244c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\NVWRSENU.dll'
22254c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077c20000 'C:\WINDOWS\system32\USER32.dll'
22264c4.368: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe'.
22274c4.368: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
22284c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
22294c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
22304c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22314c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000140000000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.exe'
22324c4.368: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe'.
22334c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' [rescheduled]
22344c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe [redoing WinVerifyTrust]
22354c4.368: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe'.
22364c4.368: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
22374c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22384c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000140000000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.exe'
22394c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000006c20000 'C:\Program Files\NVIDIA Corporation\nview\nview64.dll'
22404c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077c20000 'C:\WINDOWS\system32\user32.dll'
22414c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f190000 'C:\WINDOWS\system32\shell32.dll'
22424c4.368: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
22434c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
22444c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
22454c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22464c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e240000 'C:\WINDOWS\system32\winmm.dll'
22474c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
22484c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22494c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e240000 'C:\WINDOWS\system32\winmm.dll'
22504c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
22514c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22524c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77230000 'C:\WINDOWS\system32\uxtheme.dll'
22534c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000122c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22544c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
22554c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
22564c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=50FB2CDCD68F8BABA5FF77FFE2FD57F4623C1EE2
22574c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv'
22584c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22594c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
22604c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
22614c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv) WinVerifyTrust
22624c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
22644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
22654c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
22664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
22684c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22694c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22704c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22714c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
22724c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22734c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22744c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22754c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22764c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
22774c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
22784c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22794c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
22804c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22814c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22824c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22834c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22844c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
22854c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22864c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22874c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22884c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
22894c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
22904c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
22914c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22924c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
22934c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22944c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
22954c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22964c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
22974c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
22984c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
22994c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wintrust.dll
23004c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23014c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
23024c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23034c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
23044c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
23054c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23064c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll
23074c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
23084c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
23094c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wdmaud.drv
23104c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23114c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7dac0000 'C:\WINDOWS\system32\setupapi.dll'
23124c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e3e0000 'C:\WINDOWS\system32\WINTRUST.dll'
23134c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23144c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23154c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23164c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23174c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23184c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23194c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23204c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78930000 'C:\WINDOWS\system32\wdmaud.drv'
23214c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011ec pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
23234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
23244c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9F2003131BD5EAAAA6FE9D2402E6007E125414D5
23254c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv'
23264c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23274c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23284c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23294c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
23304c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msacm32.dll'.
23314c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv) WinVerifyTrust
23324c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23334c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
23344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll' [rcNtRedir=0xc0150008]
23354c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001220 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll
23364c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
23374c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
23384c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0CFD3F7C6F29C129981DD6F54C3340105A898EBB
23394c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll'
23404c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23414c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23424c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23434c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
23444c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
23454c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
23464c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll) WinVerifyTrust
23474c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll
23484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
23504c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
23514c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23524c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
23534c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23544c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
23554c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23564c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
23574c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winmm.dll
23584c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
23604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
23624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
23644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
23664c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23674c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23684c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23694c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.dll
23704c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23714c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23724c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23734c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23744c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23754c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23764c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23774c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23784c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23794c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23804c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23814c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23824c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23834c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msacm32.drv
23844c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
23854c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff78920000 'C:\WINDOWS\system32\msacm32.drv'
23864c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011d8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
23874c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
23884c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
23894c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41DF6CA84E69D82A472A7836C34A09245DA40785
23904c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\midimap.dll'
23914c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23924c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23934c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23944c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23954c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
23964c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\midimap.dll) WinVerifyTrust
23974c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
23984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
24004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
24024c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24034c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
24044c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24054c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
24064c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24074c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
24084c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
24094c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fbb0000 'C:\WINDOWS\system32\midimap.dll'
24104c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
24114c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24124c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fbb0000 'C:\WINDOWS\system32\midimap.dll'
24134c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
24144c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24154c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fbb0000 'C:\WINDOWS\system32\midimap.dll'
24164c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\midimap.dll
24174c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24184c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fbb0000 'C:\WINDOWS\system32\midimap.dll'
24194c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fee0000 'C:\WINDOWS\system32\advapi32.dll'
24204c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\userenv.dll
24214c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24224c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\userenv.dll'
24234c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\kernel32.dll
24244c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24254c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077d40000 'C:\WINDOWS\system32\kernel32.dll'
24264c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011c8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll
24274c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
24284c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
24294c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0E6345F6964532A4086E84A2F8AF2D72D0190EE3
24304c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll'
24314c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24324c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
24334c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
24344c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
24354c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'comres.dll'.
24364c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
24374c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
24384c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'version.dll'.
24394c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll) WinVerifyTrust
24404c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll
24414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
24424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\version.dll' [rcNtRedir=0xc0150008]
24434c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\version.dll
24444c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24454c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24464c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24474c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
24484c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comres.dll'...
24494c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'comres.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\comres.dll' [rcNtRedir=0xc0150008]
24504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001208 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\comres.dll
24514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
24524c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
24534c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=20F2F59ECC01A33E94E5E28C94EFA9D57DAF9018
24544c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\comres.dll'
24554c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
24574c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\comres.dll) WinVerifyTrust
24584c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\comres.dll
24594c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
24614c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
24624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
24644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
24664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
24684c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24694c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll
24704c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll
24714c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\comres.dll
24724c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
24734c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24744c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\ole32.dll'
24754c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ea10000 'C:\WINDOWS\system32\CLBCatQ.DLL'
24764c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011c0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll
24774c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
24784c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
24794c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EC5EF5781B9982BE504EDD335A7442628B788523
24804c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll'
24814c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24824c4.368: '\Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll' has no imports
24834c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll) WinVerifyTrust
24844c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll
24854c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\xpsp2res.dll (Input=xpsp2res.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
24864c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll
24874c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\xpsp2res.dll
24884c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000007290000 'C:\WINDOWS\system32\xpsp2res.dll'
24894c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\OLE32.dll'
24904c4.710: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\OLE32.DLL'
24914c4.1044: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\OLE32.DLL'
24924c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\OLE32.DLL'
24934c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24944c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
24954c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24964c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
24974c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
24984c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
24994c4.1078: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
25004c4.1078: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
25014c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25024c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
25034c4.1078: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
25044c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25054c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
25064c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25074c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
25084c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25094c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25104c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
25114c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
25124c4.1078: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
25134c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25144c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25154c4.1078: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25164c4.1078: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
25174c4.1078: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
25184c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000007960000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
25194c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25204c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25214c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
25224c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
25234c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
25244c4.1078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
25254c4.1078: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll) WinVerifyTrust
25264c4.1078: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll
25274c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25284c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25294c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25304c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
25314c4.1078: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
25324c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
25334c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
25344c4.1078: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
25354c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25364c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
25374c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25384c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25394c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25404c4.1078: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25414c4.1078: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25424c4.1078: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll
25434c4.1078: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll
25444c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000070f0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStubLegacy.dll'
25454c4.1078: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
25464c4.1078: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\oleaut32.dll (Input=oleaut32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25474c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ebc0000 'C:\WINDOWS\system32\oleaut32.dll'
25484c4.1078: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
25494c4.1078: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\oleaut32.dll (Input=oleaut32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25504c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ebc0000 'C:\WINDOWS\system32\oleaut32.dll'
25514c4.1078: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
25524c4.1078: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\netapi32.dll (Input=netapi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25534c4.1078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff77370000 'C:\WINDOWS\system32\netapi32.dll'
25544c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7fc90000 'C:\WINDOWS\system32\gdi32.dll'
25554c4.3b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25564c4.3b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25574c4.3b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
25584c4.3b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25594c4.3b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25604c4.3b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25614c4.3b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25624c4.3b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25634c4.3b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
25644c4.3b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25654c4.3b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25664c4.3b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000008270000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
25674c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25684c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
25694c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
25704c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
25714c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'imm32.dll'.
25724c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME)
25734c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
25744c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME [avoiding WinVerifyTrust]
25754c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000df4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
25764c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
25774c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
25784c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0098548498D1A06A6FDBAB1CB951E1AE6E7F8DA5
25794c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME'
25804c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25814c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME'
25824c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000df0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll
25834c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
25844c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
25854c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1DE299139D36A65E4F7016CE85772D42EB8635B2
25864c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll'
25874c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25884c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll) WinVerifyTrust
25894c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll
25904c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
25914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\imm32.dll' [rcNtRedir=0xc0150008]
25924c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\imm32.dll
25934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
25954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
25974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
25994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
26014c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (Input=apphelp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
26024c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll
26034c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\apphelp.dll
26044c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ce50000 'C:\WINDOWS\system32\apphelp.dll'
26054c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
26064c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msctfime.ime (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
26074c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
26084c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
26094c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\ole32.dll'
26104c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff58af0000 'C:\WINDOWS\system32\msctfime.ime'
26114c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTFIME.IME
26124c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msctfime.ime (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
26134c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff58af0000 'C:\WINDOWS\system32\msctfime.ime'
26144c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26154c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
26164c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
26174c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'version.dll'.
26184c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msctf.dll'.
26194c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
26204c4.368: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll)
26214c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll
26224c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dc4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll
26234c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
26244c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
26254c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=30C34072F4A29CFC817E27B8DB9B1007124FA618
26264c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll'
26274c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26284c4.368: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll'
26294c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26304c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
26314c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
26324c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msctf.dll' [rcNtRedir=0xc0150008]
26334c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
26344c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
26354c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\version.dll' [rcNtRedir=0xc0150008]
26364c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\version.dll
26374c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26384c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
26394c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26404c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
26414c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
26434c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57140000 'C:\WINDOWS\system32\ole32.dll'
26444c4.368: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
26454c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
26464c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ebc0000 'C:\WINDOWS\system32\OLEAUT32.dll'
26474c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000da0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll
26484c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
26494c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
26504c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C30F3EC05593A4DB0A30C5E9AEA7BFDDB51A3725
26514c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll'
26524c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26534c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
26544c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
26554c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
26564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
26574c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wbemcomn.dll'.
26584c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
26594c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll) WinVerifyTrust
26604c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll
26614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
26624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
26634c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
26644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
26654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll' [rcNtRedir=0xc0150008]
26664c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dd0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll
26674c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
26684c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
26694c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7EA352A1DFBA059996ED888A146289AF1BE1AC49
26704c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll'
26714c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26724c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26734c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
26744c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
26754c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
26764c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
26774c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll) WinVerifyTrust
26784c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll
26794c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
26814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
26834c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ole32.dll
26844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
26864c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
26884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
26904c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26914c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
26924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
26944c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
26964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26974c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
26984c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000030c1e00:C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
26994c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll
27004c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemprox.dll
27014c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll
27024c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7b070000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
27034c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d7c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll
27044c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
27054c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
27064c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4893AF8D8623FB431D2A4772ADC01716C32391FB
27074c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll'
27084c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27094c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27104c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
27114c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
27124c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
27134c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll) WinVerifyTrust
27144c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll
27154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27164c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
27174c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
27194c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27204c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27224c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
27234c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000030c1e00:C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
27244c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll
27254c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemsvc.dll
27264c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7b050000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
27274c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d70 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll
27284c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
27294c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
27304c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22C3BAAF8C8DCD343BB2F41D2AA6362AE9318F98
27314c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll'
27324c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27334c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27344c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp60.dll'.
27354c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'wbemcomn.dll'.
27364c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
27374c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
27384c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
27394c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ntdsapi.dll'.
27404c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll) WinVerifyTrust
27414c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll
27424c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
27434c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll' [rcNtRedir=0xc0150008]
27444c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d8c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll
27454c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
27464c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
27474c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=76B9CC7FAC51E9FBFF9FEFD2C982D580564ADF3A
27484c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll'
27494c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27504c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27514c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'dnsapi.dll'.
27524c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
27534c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'wldap32.dll'.
27544c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'netapi32.dll'.
27554c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'secur32.dll'.
27564c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
27574c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ws2_32.dll'.
27584c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll) WinVerifyTrust
27594c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll
27604c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27614c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
27624c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27634c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
27644c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27654c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
27664c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
27674c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll' [rcNtRedir=0xc0150008]
27684c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\wbemcomn.dll
27694c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp60.dll'...
27704c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp60.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll' [rcNtRedir=0xc0150008]
27714c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d78 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll
27724c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
27734c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
27744c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2A7730AC1D07316B7F5ED6FE0244E161869AD4AE
27754c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll'
27764c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27774c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
27784c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll) WinVerifyTrust
27794c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll
27804c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27814c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
27824c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27834c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
27844c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
27854c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
27864c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
27874c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27884c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
27894c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
27904c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
27914c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
27924c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
27934c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
27944c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
27954c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
27964c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll' [rcNtRedir=0xc0150008]
27974c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
27984c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27994c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28004c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dnsapi.dll'...
28014c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'dnsapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll' [rcNtRedir=0xc0150008]
28024c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d94 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll
28034c4.368: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
28044c4.368: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
28054c4.368: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=773765DBBF9CFD5F08FB94C250959008B66B4478
28064c4.368: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2509553.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll'
28074c4.368: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28084c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28094c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
28104c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
28114c4.368: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
28124c4.368: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll) WinVerifyTrust
28134c4.368: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll
28144c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28154c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
28164c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28174c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28184c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
28194c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
28204c4.368: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
28214c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28224c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
28234c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28244c4.368: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
28254c4.368: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000030c1e00:C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
28264c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll
28274c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wbem\fastprox.dll
28284c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msvcp60.dll
28294c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ntdsapi.dll
28304c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll
28314c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c030000 'C:\WINDOWS\system32\wbem\fastprox.dll'
28324c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e240000 'C:\WINDOWS\system32\WINMM.dll'
28334c4.368: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7ebc0000 'C:\WINDOWS\system32\OLEAUT32.DLL'
28344c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28354c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
28364c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28374c4.42c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
28384c4.42c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28394c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28404c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28414c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
28424c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
28434c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
28444c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
28454c4.42c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
28464c4.42c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
28474c4.42c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
28484c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28494c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28504c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28514c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
28524c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
28534c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
28544c4.42c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28554c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28564c4.42c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28574c4.42c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
28584c4.42c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28594c4.42c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28604c4.42c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
28614c4.42c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000009c70000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
28624c4.12a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28634c4.12a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
28644c4.12a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28654c4.12a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
28664c4.12a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
28674c4.12a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28684c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28694c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
28704c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28714c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28724c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
28734c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
28744c4.12a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28754c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28764c4.12a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28774c4.12a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
28784c4.12a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28794c4.12a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28804c4.12a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000009be0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
28814c4.12a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077c20000 'C:\WINDOWS\system32\User32.dll'
28824c4.12a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28834c4.12a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
28844c4.12a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28854c4.12a0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
28864c4.12a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
28874c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28884c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28894c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
28904c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
28914c4.12a0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
28924c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28934c4.12a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28944c4.12a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
28954c4.12a0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
28964c4.12a0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
28974c4.12a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000a270000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
28984c4.12ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28994c4.12ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29004c4.12ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29014c4.12ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
29024c4.12ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29034c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29044c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29054c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29064c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
29074c4.12ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
29084c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29094c4.12ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29104c4.12ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
29114c4.12ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
29124c4.12ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29134c4.12ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29144c4.12ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000a380000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
29154c4.12d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29164c4.12d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29174c4.12d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29184c4.12d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
29194c4.12d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29204c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29214c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29224c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29234c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
29244c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29254c4.12d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29264c4.12d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
29274c4.12d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29284c4.12d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29294c4.12d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000a590000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
29304c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f190000 'C:\WINDOWS\system32\Shell32.dll'
29314c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7c680000 'C:\WINDOWS\system32\USERENV.dll'
29324c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29334c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
29344c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000009c70000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
29354c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29364c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29374c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
29384c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
29394c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
29404c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
29414c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29424c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
29434c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
29444c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29454c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
29464c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29474c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
29484c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29494c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29504c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29514c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29524c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
29534c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29544c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29554c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000a5a0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
29564c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29574c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29584c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29594c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
29604c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
29614c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
29624c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
29634c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
29644c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
29654c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
29664c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
29674c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
29684c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
29694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll' [rcNtRedir=0xc0150008]
29704c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
29714c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
29724c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
29734c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FF2BA2F4982C23C15380BC28BD7FA05746BAB73
29744c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll'
29754c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29764c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29774c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
29784c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'psapi.dll'.
29794c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
29804c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
29814c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll) WinVerifyTrust
29824c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
29834c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29844c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
29854c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
29874c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
29884c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
29894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll' [rcNtRedir=0xc0150008]
29904c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29914c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
29924c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
29934c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
29944c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29954c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29964c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
29974c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
29984c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
29994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
30004c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30014c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30024c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
30034c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
30044c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
30054c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
30064c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30074c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30084c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30094c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
30104c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
30114c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30124c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30134c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30144c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30154c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
30164c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
30174c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll' [rcNtRedir=0xc0150008]
30184c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30194c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
30204c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30214c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30224c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30234c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30244c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30254c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30264c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30274c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30284c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
30294c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
30304c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll
30314c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30324c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
30334c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
30344c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\psapi.dll' [rcNtRedir=0xc0150008]
30354c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\psapi.dll
30364c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30374c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
30384c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30394c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
30404c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30414c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
30424c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
30434c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30444c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30454c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
30464c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000d260000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
30474c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30484c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30494c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30504c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30514c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000dd00000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
30524c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
30534c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30544c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000007960000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
30554c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30564c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30574c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000dc90000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
30584c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30594c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30604c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
30614c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
30624c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30634c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30644c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30654c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30664c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30674c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
30684c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
30694c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000dd50000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
30704c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30714c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30724c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
30734c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
30744c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30754c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30764c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30774c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30784c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30794c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
30804c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
30814c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000dd70000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
30824c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30834c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30844c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
30854c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
30864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30884c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30904c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
30914c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
30924c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
30934c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000dd90000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
30944c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30954c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30964c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
30974c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
30984c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31004c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31014c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31024c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
31034c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31044c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31054c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000ddb0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
31064c4.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31074c4.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
31084c4.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
31094c4.fa4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
31104c4.fa4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31114c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31124c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31134c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
31144c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
31154c4.fa4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
31164c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31174c4.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31184c4.fa4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
31194c4.fa4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31204c4.fa4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31214c4.fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000e540000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
31224c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31234c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31244c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
31254c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
31264c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
31274c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
31284c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31294c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
31304c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
31314c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
31324c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
31334c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31344c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
31354c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31364c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31374c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31384c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31394c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
31404c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31414c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31424c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000016600000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
31434c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
31444c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
31454c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff57040000 'C:\WINDOWS\system32\Iphlpapi.dll'
31464c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000940 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\netman.dll
31474c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
31484c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
31494c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FD05BDC30FB0317CD481D7162BD0327584504E11
31504c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\netman.dll'
31514c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31524c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'netshell.dll'.
31534c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
31544c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'iphlpapi.dll'.
31554c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mprapi.dll'.
31564c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'netapi32.dll'.
31574c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
31584c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
31594c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'rasapi32.dll'.
31604c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'shell32.dll'.
31614c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'user32.dll'.
31624c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rtutils.dll'.
31634c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'secur32.dll'.
31644c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'wzcsvc.dll'.
31654c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'ws2_32.dll'.
31664c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wininet.dll'.
31674c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'wzcsapi.dll'.
31684c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\netman.dll) WinVerifyTrust
31694c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\netman.dll
31704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wzcsapi.dll'...
31714c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wzcsapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll' [rcNtRedir=0xc0150008]
31724c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000093c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll
31734c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
31744c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
31754c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1DE20653BC2267BC0F8C1FE2B3BB7861950CDE27
31764c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll'
31774c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31784c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31794c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
31804c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
31814c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
31824c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
31834c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
31844c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rtutils.dll'.
31854c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll) WinVerifyTrust
31864c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll
31874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wininet.dll'...
31884c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wininet.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wininet.dll' [rcNtRedir=0xc0150008]
31894c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000938 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wininet.dll
31904c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
31914c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
31924c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=20CFAED1615F13183F1263711044181DA26C2EBE
31934c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\wininet.dll'
31944c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31954c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31964c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
31974c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
31984c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
31994c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'normaliz.dll'.
32004c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'urlmon.dll'.
32014c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'iertutil.dll'.
32024c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wininet.dll) WinVerifyTrust
32034c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wininet.dll
32044c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32054c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
32064c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wzcsvc.dll'...
32074c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wzcsvc.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll' [rcNtRedir=0xc0150008]
32084c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000924 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll
32094c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
32104c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
32114c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=634EA821DA3FC7EF7BC505273395A7EC7DA35023
32124c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll'
32134c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32144c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32154c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32164c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
32174c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
32184c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rtutils.dll'.
32194c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wmi.dll'.
32204c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dhcpcsvc.dll'.
32214c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
32224c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
32234c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'crypt32.dll'.
32244c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'secur32.dll'.
32254c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'wtsapi32.dll'.
32264c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'shlwapi.dll'.
32274c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'esent.dll'.
32284c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wldap32.dll'.
32294c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'netapi32.dll'.
32304c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'atl.dll'.
32314c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'winsta.dll'.
32324c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll) WinVerifyTrust
32334c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll
32344c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
32354c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
32364c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
32374c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
32384c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
32394c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000934 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
32404c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
32414c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
32424c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=707E2A1BB194DFB0AB57880F701B19C8E108C77F
32434c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll'
32444c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32454c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
32464c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
32474c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll) WinVerifyTrust
32484c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
32494c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32504c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
32514c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
32524c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
32534c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rasapi32.dll'...
32544c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rasapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll' [rcNtRedir=0xc0150008]
32554c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000908 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll
32564c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
32574c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
32584c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFF8FFD53BB7DC95914B2BD806393BF92349A3A
32594c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll'
32604c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32614c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32624c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
32634c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rasman.dll'.
32644c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'tapi32.dll'.
32654c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
32664c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
32674c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
32684c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll) WinVerifyTrust
32694c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll
32704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
32714c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
32724c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
32734c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
32744c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
32754c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
32764c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
32774c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mprapi.dll'...
32784c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'mprapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll' [rcNtRedir=0xc0150008]
32794c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000091c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll
32804c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
32814c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
32824c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97D20A28ACE2808AEF3D35792997A51A9E3E0AE9
32834c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll'
32844c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32854c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32864c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'activeds.dll'.
32874c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
32884c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'netapi32.dll'.
32894c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
32904c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
32914c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
32924c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'rtutils.dll'.
32934c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'samlib.dll'.
32944c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'setupapi.dll'.
32954c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'user32.dll'.
32964c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll) WinVerifyTrust
32974c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll
32984c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
32994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll' [rcNtRedir=0xc0150008]
33004c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
33014c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
33024c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
33034c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netshell.dll'...
33044c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netshell.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netshell.dll' [rcNtRedir=0xc0150008]
33054c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008fc pwszName=\Device\HarddiskVolume1\WINDOWS\system32\netshell.dll
33064c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
33074c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
33084c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E767F53129E69E39B96EF3DA2F5F032DF0C3B3F1
33094c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\netshell.dll'
33104c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33114c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rtutils.dll'.
33124c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
33134c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
33144c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'credui.dll'.
33154c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
33164c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
33174c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
33184c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shlwapi.dll'.
33194c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'shell32.dll'.
33204c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'user32.dll'.
33214c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
33224c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'atl.dll'.
33234c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'iphlpapi.dll'.
33244c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'clusapi.dll'.
33254c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\netshell.dll) WinVerifyTrust
33264c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\netshell.dll
33274c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'clusapi.dll'...
33284c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'clusapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll' [rcNtRedir=0xc0150008]
33294c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008f8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll
33304c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
33314c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
33324c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA9F9E7FE8A19ED70AFEA111C20BF51FBB857EBB
33334c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll'
33344c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33354c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33364c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
33374c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
33384c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
33394c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
33404c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll) WinVerifyTrust
33414c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll
33424c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
33434c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll' [rcNtRedir=0xc0150008]
33444c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
33454c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'atl.dll'...
33464c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'atl.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\atl.dll' [rcNtRedir=0xc0150008]
33474c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000090c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\atl.dll
33484c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
33494c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
33504c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0BED21719739FD9CABD2251DA42D3E6EF3CB2197
33514c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973507.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\atl.dll'
33524c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33534c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33544c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
33554c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
33564c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\atl.dll) WinVerifyTrust
33574c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\atl.dll
33584c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
33594c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
33604c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33614c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
33624c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
33634c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
33644c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
33654c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
33664c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
33674c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33684c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
33704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
33714c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll
33724c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
33734c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
33744c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'credui.dll'...
33754c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'credui.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\credui.dll' [rcNtRedir=0xc0150008]
33764c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000914 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\credui.dll
33774c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
33784c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
33794c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01317849A749B559A06EEB989029F33AE06A307
33804c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\credui.dll'
33814c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33824c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33834c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
33844c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
33854c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
33864c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
33874c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\credui.dll) WinVerifyTrust
33884c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\credui.dll
33894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
33904c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
33914c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
33924c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
33934c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
33944c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
33954c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
33964c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33974c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
33984c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
33994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\setupapi.dll' [rcNtRedir=0xc0150008]
34004c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'samlib.dll'...
34014c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'samlib.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll' [rcNtRedir=0xc0150008]
34024c4.1320: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\system32\samlib.dll [redoing WinVerifyTrust]
34034c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000129c pwszName=\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll
34044c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
34054c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
34064c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F37F7F1C71928AA98A52829C917228BF4698EA9F
34074c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll'
34084c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34094c4.1320: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\WINDOWS\system32\samlib.dll'
34104c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
34114c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
34124c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
34134c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34144c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34154c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
34164c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
34174c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
34184c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
34194c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
34204c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
34214c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
34224c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
34234c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
34244c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'activeds.dll'...
34254c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'activeds.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\activeds.dll' [rcNtRedir=0xc0150008]
34264c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000910 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\activeds.dll
34274c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
34284c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
34294c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A1DE686432770D37EB26E86CF59FDFEAB28E1AFB
34304c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\activeds.dll'
34314c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34324c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'adsldpc.dll'.
34334c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
34344c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'atl.dll'.
34354c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
34364c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
34374c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
34384c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
34394c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'netapi32.dll'.
34404c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\activeds.dll) WinVerifyTrust
34414c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\activeds.dll
34424c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34434c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
34444c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
34454c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll' [rcNtRedir=0xc0150008]
34464c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll
34474c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34484c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34494c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
34504c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
34514c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'tapi32.dll'...
34524c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'tapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll' [rcNtRedir=0xc0150008]
34534c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000920 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll
34544c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
34554c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
34564c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2FEAB64E2BC88177D5AA833B47D20306C5A81DA9
34574c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll'
34584c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34594c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34604c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
34614c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
34624c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
34634c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
34644c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
34654c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rtutils.dll'.
34664c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'winmm.dll'.
34674c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll) WinVerifyTrust
34684c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll
34694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rasman.dll'...
34704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rasman.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rasman.dll' [rcNtRedir=0xc0150008]
34714c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008dc pwszName=\Device\HarddiskVolume1\WINDOWS\system32\rasman.dll
34724c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
34734c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
34744c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E18B9D674AC08D7C68EAF3780E76A568345CDA98
34754c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\rasman.dll'
34764c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34774c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34784c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
34794c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
34804c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
34814c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
34824c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'netapi32.dll'.
34834c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\rasman.dll) WinVerifyTrust
34844c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\rasman.dll
34854c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
34864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
34874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34884c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
34894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34904c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
34914c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
34924c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
34934c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winsta.dll'...
34944c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'winsta.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winsta.dll' [rcNtRedir=0xc0150008]
34954c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\winsta.dll
34964c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'atl.dll'...
34974c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'atl.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\atl.dll' [rcNtRedir=0xc0150008]
34984c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\atl.dll
34994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
35004c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
35014c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll
35024c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
35034c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll' [rcNtRedir=0xc0150008]
35044c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
35054c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'esent.dll'...
35064c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'esent.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\esent.dll' [rcNtRedir=0xc0150008]
35074c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008d8 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\esent.dll
35084c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
35094c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
35104c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8002EC9B36630C4CFFD97A60BD744FAFC1E42DCE
35114c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\esent.dll'
35124c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35134c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35144c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
35154c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\esent.dll) WinVerifyTrust
35164c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\esent.dll
35174c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
35184c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
35194c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
35204c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
35214c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll' [rcNtRedir=0xc0150008]
35224c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wtsapi32.dll
35234c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
35244c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
35254c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
35264c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
35274c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\crypt32.dll' [rcNtRedir=0xc0150008]
35284c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
35294c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
35304c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
35314c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
35324c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dhcpcsvc.dll'...
35334c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'dhcpcsvc.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll' [rcNtRedir=0xc0150008]
35344c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000928 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll
35354c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
35364c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
35374c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2A90618E2518E2F69C7050E1AA56298980A8F719
35384c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll'
35394c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35404c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35414c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
35424c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'dnsapi.dll'.
35434c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'iphlpapi.dll'.
35444c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
35454c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'secur32.dll'.
35464c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
35474c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ws2_32.dll'.
35484c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll) WinVerifyTrust
35494c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll
35504c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wmi.dll'...
35514c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wmi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wmi.dll' [rcNtRedir=0xc0150008]
35524c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000904 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\wmi.dll
35534c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
35544c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
35554c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4FF828E670968649BA777EA6EB10D7F25E04A82B
35564c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\wmi.dll'
35574c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35584c4.1320: '\Device\HarddiskVolume1\WINDOWS\system32\wmi.dll' has no imports
35594c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\wmi.dll) WinVerifyTrust
35604c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\wmi.dll
35614c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
35624c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
35634c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
35644c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
35654c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
35664c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
35674c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
35684c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35714c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
35724c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iertutil.dll'...
35734c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iertutil.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll' [rcNtRedir=0xc0150008]
35744c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000900 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll
35754c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
35764c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
35774c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=55E834C02DAAE5779C88FAB15716DF1E046C8574
35784c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll'
35794c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35804c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35814c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
35824c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
35834c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shlwapi.dll'.
35844c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll) WinVerifyTrust
35854c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll
35864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'urlmon.dll'...
35874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'urlmon.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\urlmon.dll' [rcNtRedir=0xc0150008]
35884c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008f4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\urlmon.dll
35894c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
35904c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
35914c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8EF91FF272C37F1F4FB90A089A264D118EC339BE
35924c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\urlmon.dll'
35934c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35944c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35954c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
35964c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
35974c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
35984c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shlwapi.dll'.
35994c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
36004c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
36014c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'iertutil.dll'.
36024c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\urlmon.dll) WinVerifyTrust
36034c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\urlmon.dll
36044c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'normaliz.dll'...
36054c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'normaliz.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\normaliz.dll' [rcNtRedir=0xc0150008]
36064c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008f0 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\normaliz.dll
36074c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
36084c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
36094c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E413586B568BDFC863133EDC1A6242F140B40F9E
36104c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat'; file='\Device\HarddiskVolume1\WINDOWS\system32\normaliz.dll'
36114c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36124c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36134c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\normaliz.dll) WinVerifyTrust
36144c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\normaliz.dll
36154c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36164c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36174c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36184c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36194c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
36204c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
36214c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll
36224c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36234c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36244c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
36254c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
36264c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
36274c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36284c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36294c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
36304c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
36314c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
36324c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
36334c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36344c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36354c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll
36364c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36374c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36384c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36394c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36404c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36414c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36424c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iertutil.dll'...
36434c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iertutil.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll' [rcNtRedir=0xc0150008]
36444c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iertutil.dll
36454c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36464c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36474c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36484c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36494c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
36504c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
36514c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36524c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36534c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
36544c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
36554c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
36564c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
36574c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36584c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36594c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
36604c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
36614c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36624c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36634c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36644c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36654c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36664c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36674c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
36684c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
36694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36714c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
36724c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\secur32.dll' [rcNtRedir=0xc0150008]
36734c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\secur32.dll
36744c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36754c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36764c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
36774c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll' [rcNtRedir=0xc0150008]
36784c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\iphlpapi.dll
36794c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dnsapi.dll'...
36804c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'dnsapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll' [rcNtRedir=0xc0150008]
36814c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\dnsapi.dll
36824c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36834c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36844c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36854c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
36884c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
36904c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
36914c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
36924c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36934c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
36944c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
36954c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ws2_32.dll' [rcNtRedir=0xc0150008]
36964c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36974c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36984c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36994c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37004c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37014c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37024c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
37034c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\winmm.dll' [rcNtRedir=0xc0150008]
37044c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rtutils.dll'...
37054c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rtutils.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll' [rcNtRedir=0xc0150008]
37064c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
37074c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37084c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
37094c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
37104c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shlwapi.dll' [rcNtRedir=0xc0150008]
37114c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
37124c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
37134c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll
37144c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
37154c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
37164c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37174c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37184c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37194c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37204c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
37214c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
37224c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
37234c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
37244c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37254c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
37264c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\user32.dll
37274c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37284c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37294c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
37304c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
37314c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'atl.dll'...
37324c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'atl.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\atl.dll' [rcNtRedir=0xc0150008]
37334c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\atl.dll
37344c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37354c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37364c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'adsldpc.dll'...
37374c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'adsldpc.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll' [rcNtRedir=0xc0150008]
37384c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000008d4 pwszName=\Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll
37394c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006eace0
37404c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006eace0
37414c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=357A6331F7A595716200440DD7DAE9E16347A3D7
37424c4.1320: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT'; file='\Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll'
37434c4.1320: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
37444c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37454c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netapi32.dll'.
37464c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'wldap32.dll'.
37474c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
37484c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
37494c4.1320: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'credui.dll'.
37504c4.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll) WinVerifyTrust
37514c4.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll
37524c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
37534c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
37544c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
37554c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\shell32.dll' [rcNtRedir=0xc0150008]
37564c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37574c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
37584c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37594c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37604c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37614c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37624c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
37634c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\gdi32.dll' [rcNtRedir=0xc0150008]
37644c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37654c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
37664c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37674c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37684c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll
37694c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
37704c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\oleaut32.dll' [rcNtRedir=0xc0150008]
37714c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
37724c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\ole32.dll' [rcNtRedir=0xc0150008]
37734c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
37744c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\rpcrt4.dll' [rcNtRedir=0xc0150008]
37754c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37764c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37774c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37784c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37794c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'credui.dll'...
37804c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'credui.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\credui.dll' [rcNtRedir=0xc0150008]
37814c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\credui.dll
37824c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37834c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\user32.dll' [rcNtRedir=0xc0150008]
37844c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37854c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\advapi32.dll' [rcNtRedir=0xc0150008]
37864c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
37874c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll' [rcNtRedir=0xc0150008]
37884c4.1320: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wldap32.dll
37894c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
37904c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\netapi32.dll' [rcNtRedir=0xc0150008]
37914c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37924c4.1320: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\WINDOWS\system32\msvcrt.dll' [rcNtRedir=0xc0150008]
37934c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\netman.dll (Input=netman.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
37944c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netman.dll
37954c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netman.dll
37964c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\netshell.dll
37974c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rtutils.dll
37984c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\credui.dll
37994c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\atl.dll
38004c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\clusapi.dll
38014c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\mprapi.dll
38024c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\activeds.dll
38034c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\adsldpc.dll
38044c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rasapi32.dll
38054c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\rasman.dll
38064c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\tapi32.dll
38074c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wzcsvc.dll
38084c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wmi.dll
38094c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\dhcpcsvc.dll
38104c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\esent.dll
38114c4.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\wzcsapi.dll
38124c4.1320: supR3HardenedScreenImage/NtCreateSection: Applying the drop-exec-kludge for '\Device\HarddiskVolume1\WINDOWS\WindowsShell.Manifest'
38134c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [redoing WinVerifyTrust]
38144c4.1320: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
38154c4.1320: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
38164c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\AMD64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38174c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\AMD64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
38184c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [redoing WinVerifyTrust]
38194c4.1320: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
38204c4.1320: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
38214c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38224c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
38234c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [redoing WinVerifyTrust]
38244c4.1320: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
38254c4.1320: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
38264c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38274c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
38284c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [redoing WinVerifyTrust]
38294c4.1320: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
38304c4.1320: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
38314c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38324c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
38334c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll [redoing WinVerifyTrust]
38344c4.1320: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'.
38354c4.1320: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume1\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll
38364c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000003078850:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38374c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7f000000 'C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_639C4A9E\comctl32.dll'
38384c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7e6b0000 'C:\WINDOWS\system32\netman.dll'
38394c4.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
38404c4.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38414c4.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000009c70000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
38424c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll
38434c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll
38444c4.42c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSCTF.dll
38454c4.42c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Msctf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000665830:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\sysWOW64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common [calling]
38464c4.42c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007ff7a410000 'C:\WINDOWS\system32\Msctf.dll'
38474c4.368: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\WINDOWS\system32\MSIMTF.dll
38484c4.368: Terminating the normal way: rcExit=0
3849f54.10dc: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 21731 ms, the end);
3850500.e4c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 22332 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy