VirtualBox

Ticket #18148: VBoxHardening.log

File VBoxHardening.log, 427.9 KB (added by IzK, 6 years ago)
Line 
112d8.1364: Log file opened: 5.2.22r126460 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
212d8.1364: \SystemRoot\System32\ntdll.dll:
312d8.1364: CreationTime: 2010-11-21T03:24:02.237248300Z
412d8.1364: LastWriteTime: 2010-11-21T03:24:02.237248300Z
512d8.1364: ChangeTime: 2016-10-25T11:50:22.928484300Z
612d8.1364: FileAttributes: 0x20
712d8.1364: Size: 0x1a6d60
812d8.1364: NT Headers: 0xe0
912d8.1364: Timestamp: 0x4ce7c8f9
1012d8.1364: Machine: 0x8664 - amd64
1112d8.1364: Timestamp: 0x4ce7c8f9
1212d8.1364: Image Version: 6.1
1312d8.1364: SizeOfImage: 0x1a9000 (1740800)
1412d8.1364: Resource Dir: 0x151000 LB 0x560d8
1512d8.1364: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1612d8.1364: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1712d8.1364: ProductName: Microsoft® Windows® Operating System
1812d8.1364: ProductVersion: 6.1.7601.17514
1912d8.1364: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
2012d8.1364: FileDescription: NT Layer DLL
2112d8.1364: \SystemRoot\System32\kernel32.dll:
2212d8.1364: CreationTime: 2010-11-21T03:24:10.130862200Z
2312d8.1364: LastWriteTime: 2010-11-21T03:24:10.130862200Z
2412d8.1364: ChangeTime: 2016-10-25T11:50:21.493281700Z
2512d8.1364: FileAttributes: 0x20
2612d8.1364: Size: 0x11b800
2712d8.1364: NT Headers: 0xe8
2812d8.1364: Timestamp: 0x4ce7c78b
2912d8.1364: Machine: 0x8664 - amd64
3012d8.1364: Timestamp: 0x4ce7c78b
3112d8.1364: Image Version: 6.1
3212d8.1364: SizeOfImage: 0x11f000 (1175552)
3312d8.1364: Resource Dir: 0x116000 LB 0x528
3412d8.1364: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3512d8.1364: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3612d8.1364: ProductName: Microsoft® Windows® Operating System
3712d8.1364: ProductVersion: 6.1.7601.17514
3812d8.1364: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
3912d8.1364: FileDescription: Windows NT BASE API Client DLL
4012d8.1364: \SystemRoot\System32\KernelBase.dll:
4112d8.1364: CreationTime: 2010-11-21T03:24:25.294088800Z
4212d8.1364: LastWriteTime: 2010-11-21T03:24:25.294088800Z
4312d8.1364: ChangeTime: 2016-10-25T11:50:21.493281700Z
4412d8.1364: FileAttributes: 0x20
4512d8.1364: Size: 0x66800
4612d8.1364: NT Headers: 0xf0
4712d8.1364: Timestamp: 0x4ce7c78c
4812d8.1364: Machine: 0x8664 - amd64
4912d8.1364: Timestamp: 0x4ce7c78c
5012d8.1364: Image Version: 6.1
5112d8.1364: SizeOfImage: 0x6b000 (438272)
5212d8.1364: Resource Dir: 0x69000 LB 0x530
5312d8.1364: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5412d8.1364: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
5512d8.1364: ProductName: Microsoft® Windows® Operating System
5612d8.1364: ProductVersion: 6.1.7601.17514
5712d8.1364: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
5812d8.1364: FileDescription: Windows NT BASE API Client DLL
5912d8.1364: \SystemRoot\System32\apisetschema.dll:
6012d8.1364: CreationTime: 2009-07-13T23:18:54.866423200Z
6112d8.1364: LastWriteTime: 2009-07-14T01:24:53.779000000Z
6212d8.1364: ChangeTime: 2016-10-25T11:50:24.660087300Z
6312d8.1364: FileAttributes: 0x20
6412d8.1364: Size: 0x1a00
6512d8.1364: NT Headers: 0xc0
6612d8.1364: Timestamp: 0x4a5bdeab
6712d8.1364: Machine: 0x8664 - amd64
6812d8.1364: Timestamp: 0x4a5bdeab
6912d8.1364: Image Version: 6.1
7012d8.1364: SizeOfImage: 0x50000 (327680)
7112d8.1364: Resource Dir: 0x30000 LB 0x3f0
7212d8.1364: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7312d8.1364: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
7412d8.1364: ProductName: Microsoft® Windows® Operating System
7512d8.1364: ProductVersion: 6.1.7600.16385
7612d8.1364: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
7712d8.1364: FileDescription: ApiSet Schema DLL
7812d8.1364: supR3HardenedWinFindAdversaries: 0x0
7912d8.1364: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\VirtualBox'
8012d8.1364: Calling main()
8112d8.1364: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
8212d8.1364: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\VirtualBox'
8312d8.1364: SUPR3HardenedMain: Respawn #1
8412d8.1364: System32: \Device\HarddiskVolume2\Windows\System32
8512d8.1364: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
8612d8.1364: KnownDllPath: C:\Windows\system32
8712d8.1364: '\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe' has no imports
8812d8.1364: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe)
8912d8.1364: supR3HardNtEnableThreadCreation:
9012d8.1364: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007712c320 pvNtTerminateThread=0000000077151840
9112d8.1364: supR3HardenedWinDoReSpawn(1): New child e7c.df4 [kernel32].
9212d8.1364: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380
9312d8.1364: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077100000 uNtDllChildAddr=0000000077100000
9412d8.1364: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007712c320
9512d8.1364: supR3HardenedWinSetupChildInit: Start child.
9612d8.1364: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
9712d8.1364: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
9812d8.1364: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
9912d8.1364: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
10012d8.1364: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
10112d8.1364: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
10212d8.1364: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
10312d8.1364: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
10412d8.1364: 0000000000041000-00000000001affff 0x0001/0x0000 0x0000000
10512d8.1364: *00000000001b0000-00000000002abfff 0x0000/0x0004 0x0020000
10612d8.1364: 00000000002ac000-00000000002adfff 0x0104/0x0004 0x0020000
10712d8.1364: 00000000002ae000-00000000002affff 0x0004/0x0004 0x0020000
10812d8.1364: 00000000002b0000-00000000770fffff 0x0001/0x0000 0x0000000
10912d8.1364: *0000000077100000-0000000077100fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11012d8.1364: 0000000077101000-0000000077202fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11112d8.1364: 0000000077203000-0000000077231fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11212d8.1364: 0000000077232000-000000007723dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11312d8.1364: 000000007723e000-00000000772a8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11412d8.1364: 00000000772a9000-000000007efdffff 0x0001/0x0000 0x0000000
11512d8.1364: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
11612d8.1364: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
11712d8.1364: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
11812d8.1364: 000000007fff0000-000000013fb1ffff 0x0001/0x0000 0x0000000
11912d8.1364: *000000013fb20000-000000013fb20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12012d8.1364: 000000013fb21000-000000013fb91fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12112d8.1364: 000000013fb92000-000000013fb92fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12212d8.1364: 000000013fb93000-000000013fbd8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12312d8.1364: 000000013fbd9000-000000013fbd9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12412d8.1364: 000000013fbda000-000000013fbdafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12512d8.1364: 000000013fbdb000-000000013fbdffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12612d8.1364: 000000013fbe0000-000000013fbe0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12712d8.1364: 000000013fbe1000-000000013fbe1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12812d8.1364: 000000013fbe2000-000000013fbe5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
12912d8.1364: 000000013fbe6000-000000013fc2dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
13012d8.1364: 000000013fc2e000-000007feff41ffff 0x0001/0x0000 0x0000000
13112d8.1364: *000007feff420000-000007feff420fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
13212d8.1364: 000007feff421000-000007fffffaffff 0x0001/0x0000 0x0000000
13312d8.1364: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
13412d8.1364: *000007fffffd3000-000007fffffd3fff 0x0004/0x0004 0x0020000
13512d8.1364: 000007fffffd4000-000007fffffddfff 0x0001/0x0000 0x0000000
13612d8.1364: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
13712d8.1364: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
13812d8.1364: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
13912d8.1364: VirtualBox.exe: timestamp 0x5be4900d (rc=VINF_SUCCESS)
14012d8.1364: '\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe' has no imports
14112d8.1364: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
14212d8.1364: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
14312d8.1364: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
14412d8.1364: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
14512d8.1364: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
14612d8.1364: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
14712d8.1364: supR3HardNtChildPurify: Done after 318 ms and 0 fixes (loop #0).
148e7c.df4: Log file opened: 5.2.22r126460 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
149e7c.df4: supR3HardenedVmProcessInit: uNtDllAddr=0000000077100000 g_uNtVerCombined=0x611db100
150e7c.df4: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
151e7c.df4: New simple heap: #1 00000000002b0000 LB 0x400000 (for 1740800 allocation)
15212d8.1364: supR3HardNtEnableThreadCreation:
153e7c.df4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\VirtualBox'
154e7c.df4: System32: \Device\HarddiskVolume2\Windows\System32
155e7c.df4: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
156e7c.df4: KnownDllPath: C:\Windows\system32
157e7c.df4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
158e7c.df4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
159e7c.df4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
160e7c.df4: Registered Dll notification callback with NTDLL.
161e7c.df4: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
162e7c.df4: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
163e7c.df4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
164e7c.df4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
165e7c.df4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
166e7c.df4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
167e7c.df4: supR3HardenedDllNotificationCallback: load 0000000076fe0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
168e7c.df4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
169e7c.df4: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
170e7c.df4: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
171e7c.df4: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
172e7c.df4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
173e7c.df4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
174e7c.df4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'C:\Windows\system32\kernel32.dll'
175e7c.df4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007712c320 pvNtTerminateThread=0000000077151840
17612d8.1364: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 43 ms.
177e7c.df4: \SystemRoot\System32\ntdll.dll:
178e7c.df4: CreationTime: 2010-11-21T03:24:02.237248300Z
179e7c.df4: LastWriteTime: 2010-11-21T03:24:02.237248300Z
180e7c.df4: ChangeTime: 2016-10-25T11:50:22.928484300Z
181e7c.df4: FileAttributes: 0x20
182e7c.df4: Size: 0x1a6d60
183e7c.df4: NT Headers: 0xe0
184e7c.df4: Timestamp: 0x4ce7c8f9
185e7c.df4: Machine: 0x8664 - amd64
186e7c.df4: Timestamp: 0x4ce7c8f9
187e7c.df4: Image Version: 6.1
188e7c.df4: SizeOfImage: 0x1a9000 (1740800)
189e7c.df4: Resource Dir: 0x151000 LB 0x560d8
190e7c.df4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
191e7c.df4: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
192e7c.df4: ProductName: Microsoft® Windows® Operating System
193e7c.df4: ProductVersion: 6.1.7601.17514
194e7c.df4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
195e7c.df4: FileDescription: NT Layer DLL
196e7c.df4: \SystemRoot\System32\kernel32.dll:
197e7c.df4: CreationTime: 2010-11-21T03:24:10.130862200Z
198e7c.df4: LastWriteTime: 2010-11-21T03:24:10.130862200Z
199e7c.df4: ChangeTime: 2016-10-25T11:50:21.493281700Z
200e7c.df4: FileAttributes: 0x20
201e7c.df4: Size: 0x11b800
202e7c.df4: NT Headers: 0xe8
203e7c.df4: Timestamp: 0x4ce7c78b
204e7c.df4: Machine: 0x8664 - amd64
205e7c.df4: Timestamp: 0x4ce7c78b
206e7c.df4: Image Version: 6.1
207e7c.df4: SizeOfImage: 0x11f000 (1175552)
208e7c.df4: Resource Dir: 0x116000 LB 0x528
209e7c.df4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
210e7c.df4: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
211e7c.df4: ProductName: Microsoft® Windows® Operating System
212e7c.df4: ProductVersion: 6.1.7601.17514
213e7c.df4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
214e7c.df4: FileDescription: Windows NT BASE API Client DLL
215e7c.df4: \SystemRoot\System32\KernelBase.dll:
216e7c.df4: CreationTime: 2010-11-21T03:24:25.294088800Z
217e7c.df4: LastWriteTime: 2010-11-21T03:24:25.294088800Z
218e7c.df4: ChangeTime: 2016-10-25T11:50:21.493281700Z
219e7c.df4: FileAttributes: 0x20
220e7c.df4: Size: 0x66800
221e7c.df4: NT Headers: 0xf0
222e7c.df4: Timestamp: 0x4ce7c78c
223e7c.df4: Machine: 0x8664 - amd64
224e7c.df4: Timestamp: 0x4ce7c78c
225e7c.df4: Image Version: 6.1
226e7c.df4: SizeOfImage: 0x6b000 (438272)
227e7c.df4: Resource Dir: 0x69000 LB 0x530
228e7c.df4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
229e7c.df4: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
230e7c.df4: ProductName: Microsoft® Windows® Operating System
231e7c.df4: ProductVersion: 6.1.7601.17514
232e7c.df4: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
233e7c.df4: FileDescription: Windows NT BASE API Client DLL
234e7c.df4: \SystemRoot\System32\apisetschema.dll:
235e7c.df4: CreationTime: 2009-07-13T23:18:54.866423200Z
236e7c.df4: LastWriteTime: 2009-07-14T01:24:53.779000000Z
237e7c.df4: ChangeTime: 2016-10-25T11:50:24.660087300Z
238e7c.df4: FileAttributes: 0x20
239e7c.df4: Size: 0x1a00
240e7c.df4: NT Headers: 0xc0
241e7c.df4: Timestamp: 0x4a5bdeab
242e7c.df4: Machine: 0x8664 - amd64
243e7c.df4: Timestamp: 0x4a5bdeab
244e7c.df4: Image Version: 6.1
245e7c.df4: SizeOfImage: 0x50000 (327680)
246e7c.df4: Resource Dir: 0x30000 LB 0x3f0
247e7c.df4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
248e7c.df4: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
249e7c.df4: ProductName: Microsoft® Windows® Operating System
250e7c.df4: ProductVersion: 6.1.7600.16385
251e7c.df4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
252e7c.df4: FileDescription: ApiSet Schema DLL
253e7c.df4: supR3HardenedWinFindAdversaries: 0x0
254e7c.df4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\VirtualBox'
255e7c.df4: Calling main()
256e7c.df4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
257e7c.df4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\VirtualBox'
258e7c.df4: '\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe' has no imports
259e7c.df4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe)
260e7c.df4: SUPR3HardenedMain: Respawn #2
261e7c.df4: supR3HardNtEnableThreadCreation:
262e7c.df4: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
263e7c.df4: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
264e7c.df4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
265e7c.df4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
266e7c.df4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
267e7c.df4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
268e7c.df4: supR3HardenedDllNotificationCallback: load 000007fefcf20000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
269e7c.df4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
270e7c.df4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\apphelp.dll'
271e7c.df4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007712c320 pvNtTerminateThread=0000000077151840
272e7c.df4: supR3HardenedWinDoReSpawn(2): New child fe4.dfc [kernel32].
273e7c.df4: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
274e7c.df4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077100000 uNtDllChildAddr=0000000077100000
275e7c.df4: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007712c320
276e7c.df4: supR3HardenedWinSetupChildInit: Start child.
277e7c.df4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
278e7c.df4: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 31 sleeps
279e7c.df4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
280e7c.df4: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
281e7c.df4: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
282e7c.df4: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
283e7c.df4: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
284e7c.df4: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
285e7c.df4: 0000000000041000-00000000001cffff 0x0001/0x0000 0x0000000
286e7c.df4: *00000000001d0000-00000000002cbfff 0x0000/0x0004 0x0020000
287e7c.df4: 00000000002cc000-00000000002cdfff 0x0104/0x0004 0x0020000
288e7c.df4: 00000000002ce000-00000000002cffff 0x0004/0x0004 0x0020000
289e7c.df4: 00000000002d0000-00000000770fffff 0x0001/0x0000 0x0000000
290e7c.df4: *0000000077100000-0000000077100fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
291e7c.df4: 0000000077101000-0000000077202fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
292e7c.df4: 0000000077203000-0000000077231fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
293e7c.df4: 0000000077232000-000000007723dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
294e7c.df4: 000000007723e000-00000000772a8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
295e7c.df4: 00000000772a9000-000000007efdffff 0x0001/0x0000 0x0000000
296e7c.df4: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
297e7c.df4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
298e7c.df4: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
299e7c.df4: 000000007fff0000-000000013fb1ffff 0x0001/0x0000 0x0000000
300e7c.df4: *000000013fb20000-000000013fb20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
301e7c.df4: 000000013fb21000-000000013fb91fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
302e7c.df4: 000000013fb92000-000000013fb92fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
303e7c.df4: 000000013fb93000-000000013fbd8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
304e7c.df4: 000000013fbd9000-000000013fbd9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
305e7c.df4: 000000013fbda000-000000013fbdafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
306e7c.df4: 000000013fbdb000-000000013fbdffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
307e7c.df4: 000000013fbe0000-000000013fbe0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
308e7c.df4: 000000013fbe1000-000000013fbe1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
309e7c.df4: 000000013fbe2000-000000013fbe5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
310e7c.df4: 000000013fbe6000-000000013fc2dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe
311e7c.df4: 000000013fc2e000-000007feff41ffff 0x0001/0x0000 0x0000000
312e7c.df4: *000007feff420000-000007feff420fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
313e7c.df4: 000007feff421000-000007fffffaffff 0x0001/0x0000 0x0000000
314e7c.df4: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
315e7c.df4: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000
316e7c.df4: *000007fffffdd000-000007fffffdefff 0x0004/0x0004 0x0020000
317e7c.df4: *000007fffffdf000-000007fffffdffff 0x0004/0x0004 0x0020000
318e7c.df4: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
319e7c.df4: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
320e7c.df4: VirtualBox.exe: timestamp 0x5be4900d (rc=VINF_SUCCESS)
321e7c.df4: '\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe' has no imports
322e7c.df4: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
323e7c.df4: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
324e7c.df4: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
325e7c.df4: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
326e7c.df4: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
327e7c.df4: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
328e7c.df4: supR3HardNtChildPurify: Done after 306 ms and 0 fixes (loop #0).
329fe4.dfc: Log file opened: 5.2.22r126460 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
330fe4.dfc: supR3HardenedVmProcessInit: uNtDllAddr=0000000077100000 g_uNtVerCombined=0x611db100
331fe4.dfc: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
332fe4.dfc: New simple heap: #1 00000000002d0000 LB 0x400000 (for 1740800 allocation)
333e7c.df4: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002b0000 LB 0x400000)
334e7c.df4: supR3HardNtEnableThreadCreation:
335fe4.dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\VirtualBox'
336fe4.dfc: System32: \Device\HarddiskVolume2\Windows\System32
337fe4.dfc: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
338fe4.dfc: KnownDllPath: C:\Windows\system32
339fe4.dfc: supR3HardenedVmProcessInit: Opening vboxdrv...
340fe4.dfc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
341fe4.dfc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
342fe4.dfc: Registered Dll notification callback with NTDLL.
343fe4.dfc: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
344fe4.dfc: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
345fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
346fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
347fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
348fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
349fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000076fe0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
350fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
351fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
352fe4.dfc: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
353fe4.dfc: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
354fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
355fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
356fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'C:\Windows\system32\kernel32.dll'
357fe4.dfc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007712c320 pvNtTerminateThread=0000000077151840
358e7c.df4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 60 ms.
359fe4.dfc: \SystemRoot\System32\ntdll.dll:
360fe4.dfc: CreationTime: 2010-11-21T03:24:02.237248300Z
361fe4.dfc: LastWriteTime: 2010-11-21T03:24:02.237248300Z
362fe4.dfc: ChangeTime: 2016-10-25T11:50:22.928484300Z
363fe4.dfc: FileAttributes: 0x20
364fe4.dfc: Size: 0x1a6d60
365fe4.dfc: NT Headers: 0xe0
366fe4.dfc: Timestamp: 0x4ce7c8f9
367fe4.dfc: Machine: 0x8664 - amd64
368fe4.dfc: Timestamp: 0x4ce7c8f9
369fe4.dfc: Image Version: 6.1
370fe4.dfc: SizeOfImage: 0x1a9000 (1740800)
371fe4.dfc: Resource Dir: 0x151000 LB 0x560d8
372fe4.dfc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
373fe4.dfc: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
374fe4.dfc: ProductName: Microsoft® Windows® Operating System
375fe4.dfc: ProductVersion: 6.1.7601.17514
376fe4.dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
377fe4.dfc: FileDescription: NT Layer DLL
378fe4.dfc: \SystemRoot\System32\kernel32.dll:
379fe4.dfc: CreationTime: 2010-11-21T03:24:10.130862200Z
380fe4.dfc: LastWriteTime: 2010-11-21T03:24:10.130862200Z
381fe4.dfc: ChangeTime: 2016-10-25T11:50:21.493281700Z
382fe4.dfc: FileAttributes: 0x20
383fe4.dfc: Size: 0x11b800
384fe4.dfc: NT Headers: 0xe8
385fe4.dfc: Timestamp: 0x4ce7c78b
386fe4.dfc: Machine: 0x8664 - amd64
387fe4.dfc: Timestamp: 0x4ce7c78b
388fe4.dfc: Image Version: 6.1
389fe4.dfc: SizeOfImage: 0x11f000 (1175552)
390fe4.dfc: Resource Dir: 0x116000 LB 0x528
391fe4.dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
392fe4.dfc: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
393fe4.dfc: ProductName: Microsoft® Windows® Operating System
394fe4.dfc: ProductVersion: 6.1.7601.17514
395fe4.dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
396fe4.dfc: FileDescription: Windows NT BASE API Client DLL
397fe4.dfc: \SystemRoot\System32\KernelBase.dll:
398fe4.dfc: CreationTime: 2010-11-21T03:24:25.294088800Z
399fe4.dfc: LastWriteTime: 2010-11-21T03:24:25.294088800Z
400fe4.dfc: ChangeTime: 2016-10-25T11:50:21.493281700Z
401fe4.dfc: FileAttributes: 0x20
402fe4.dfc: Size: 0x66800
403fe4.dfc: NT Headers: 0xf0
404fe4.dfc: Timestamp: 0x4ce7c78c
405fe4.dfc: Machine: 0x8664 - amd64
406fe4.dfc: Timestamp: 0x4ce7c78c
407fe4.dfc: Image Version: 6.1
408fe4.dfc: SizeOfImage: 0x6b000 (438272)
409fe4.dfc: Resource Dir: 0x69000 LB 0x530
410fe4.dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
411fe4.dfc: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
412fe4.dfc: ProductName: Microsoft® Windows® Operating System
413fe4.dfc: ProductVersion: 6.1.7601.17514
414fe4.dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
415fe4.dfc: FileDescription: Windows NT BASE API Client DLL
416fe4.dfc: \SystemRoot\System32\apisetschema.dll:
417fe4.dfc: CreationTime: 2009-07-13T23:18:54.866423200Z
418fe4.dfc: LastWriteTime: 2009-07-14T01:24:53.779000000Z
419fe4.dfc: ChangeTime: 2016-10-25T11:50:24.660087300Z
420fe4.dfc: FileAttributes: 0x20
421fe4.dfc: Size: 0x1a00
422fe4.dfc: NT Headers: 0xc0
423fe4.dfc: Timestamp: 0x4a5bdeab
424fe4.dfc: Machine: 0x8664 - amd64
425fe4.dfc: Timestamp: 0x4a5bdeab
426fe4.dfc: Image Version: 6.1
427fe4.dfc: SizeOfImage: 0x50000 (327680)
428fe4.dfc: Resource Dir: 0x30000 LB 0x3f0
429fe4.dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
430fe4.dfc: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
431fe4.dfc: ProductName: Microsoft® Windows® Operating System
432fe4.dfc: ProductVersion: 6.1.7600.16385
433fe4.dfc: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
434fe4.dfc: FileDescription: ApiSet Schema DLL
435fe4.dfc: supR3HardenedWinFindAdversaries: 0x0
436fe4.dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\VirtualBox'
437fe4.dfc: Calling main()
438fe4.dfc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
439fe4.dfc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\VirtualBox'
440fe4.dfc: '\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe' has no imports
441fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.exe)
442fe4.dfc: SUPR3HardenedMain: Final process, opening VBoxDrv...
443fe4.dfc: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002d0000 LB 0x400000)
444fe4.dfc: supR3HardNtEnableThreadCreation:
445fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll)
446fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll
447fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
448fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
449fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef98e0000 LB 0x00005000 C:\Program Files\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
450fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
451fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
452fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
453fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef98e0000 'C:\Program Files\VirtualBox\VBoxSupLib.DLL'
454fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
455fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
456fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef98e0000 'C:\Program Files\VirtualBox\VBoxSupLib.DLL'
457fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef98e0000 'C:\Program Files\VirtualBox\VBoxSupLib.DLL'
458fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
459fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
460fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
461fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
462fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
463fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
464fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
465fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
466fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
467fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
468fe4.dfc: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
469fe4.dfc: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
470fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
471fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
472fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
473fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
474fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
475fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
476fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
477fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
478fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
479fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
480fe4.dfc: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
481fe4.dfc: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
482fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
483fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
484fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
485fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
486fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
487fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
488fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
489fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
490fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
491fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
492fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
493fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
494fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
495fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
496fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
497fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
498fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
499fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
500fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd270000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
501fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
502fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefec70000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
503fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
504fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd100000 LB 0x00167000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
505fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
506fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd0f0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
507fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
508fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd420000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
509fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
510fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd270000 'C:\Windows\system32\Wintrust.dll'
511fe4.dfc: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
512fe4.dfc: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
513fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
514fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
515fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
516fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
517fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefcad0000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
518fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
519fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcad0000 'C:\Windows\system32\bcrypt.dll'
520fe4.dfc: bcrypt.dll loaded at 000007fefcad0000, BCryptOpenAlgorithmProvider at 000007fefcad2640, preloading providers:
521fe4.dfc: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
522fe4.dfc: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
523fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
524fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
525fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
526fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
527fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
528fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
529fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
530fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
531fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
532fe4.dfc: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
533fe4.dfc: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
534fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
535fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
536fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
537fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
538fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
539fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
540fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
541fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
542fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
543fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
544fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
545fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
546fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefc5e0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
547fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
548fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefdba0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
549fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
550fe4.dfc: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
551fe4.dfc: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
552fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
553fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
554fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
555fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
556fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefed10000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
557fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
558fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5e0000 'C:\Windows\system32\bcryptprimitives.dll'
559fe4.dfc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000094afb0)
560fe4.dfc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000094c840)
561fe4.dfc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000094c960)
562fe4.dfc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000094cb70)
563fe4.dfc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000094cc90)
564fe4.dfc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000094cdb0)
565fe4.dfc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000094cff0)
566fe4.dfc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000094d110)
567fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
568fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
569fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
570fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
571fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
572fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
573fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
574fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
575fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
576fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
577fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
578fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
579fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefca20000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
580fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
581fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca20000 'C:\Windows\system32\CRYPTSP.dll'
582fe4.dfc: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
583fe4.dfc: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
584fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
585fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
586fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
587fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
588fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
589fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
590fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
591fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
592fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefc560000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
593fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
594fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc560000 'C:\Windows\system32\rsaenh.dll'
595fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
596fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
597fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
598fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
599fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
600fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
601fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
602fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
603fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
604fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
605fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
606fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf80000 'C:\Windows\system32\CRYPTBASE.dll'
607fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
608fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
609fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'C:\Windows\system32\kernel32.dll'
610fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
611fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
612fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd270000 'C:\Windows\system32\WINTRUST.DLL'
613fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
614fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
615fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd100000 'C:\Windows\system32\CRYPT32.dll'
616fe4.dfc: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
617fe4.dfc: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
618fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
619fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
620fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
621fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
622fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
623fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
624fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
625fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
626fe4.dfc: supR3HardenedDllNotificationCallback: load 000007feff270000 LB 0x00017000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
627fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
628fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff270000 'C:\Windows\system32\imagehlp.dll'
629fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
630fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
631fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca20000 'C:\Windows\system32\CRYPTSP.dll'
632fe4.dfc: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
633fe4.dfc: \Device\HarddiskVolume2\Windows\System32\user32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
634fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
635fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
636fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
637fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
638fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
639fe4.dfc: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
640fe4.dfc: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
641fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
642fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
643fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
644fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
645fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
646fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
647fe4.dfc: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
648fe4.dfc: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
649fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
650fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
651fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
652fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
653fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
654fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
655fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
656fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
657fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
658fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
659fe4.dfc: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
660fe4.dfc: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
661fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
662fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
663fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
664fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
665fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
666fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
667fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
668fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
669fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
670fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
671fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
672fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
673fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
674fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
675fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
676fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
677fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
678fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
679fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
680fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
681fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
682fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
683fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000076ee0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
684fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
685fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd6a0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
686fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
687fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd840000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
688fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
689fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd710000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
690fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
691fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
692fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
693fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6a0000 'C:\Windows\system32\gdi32.dll'
694fe4.dfc: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
695fe4.dfc: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
696fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
697fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
698fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
699fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
700fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
701fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
702fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
703fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
704fe4.dfc: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
705fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
706fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
707fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
708fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
709fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
710fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
711fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
712fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
713fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
714fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
715fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
716fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
717fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
718fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
719fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
720fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
721fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
722fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
723fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
724fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
725fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
726fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
727fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
728fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
729fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
730fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
731fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd660000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
732fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
733fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd550000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
734fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
735fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd660000 'C:\Windows\system32\IMM32.DLL'
736fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076ee0000 'C:\Windows\system32\USER32.dll'
737fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
738fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
739fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
740fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
741fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
742fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
743fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
744fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
745fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
746fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
747fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
748fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
749fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
750fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
751fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
752fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
753fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
754fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
755fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefca80000 LB 0x0004e000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
756fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
757fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca80000 'C:\Windows\system32\ncrypt.dll'
758fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
759fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
760fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcad0000 'C:\Windows\system32\bcrypt.dll'
761fe4.dfc: \Device\HarddiskVolume2\Windows\System32\userenv.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
762fe4.dfc: \Device\HarddiskVolume2\Windows\System32\userenv.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
763fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
764fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
765fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
766fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
767fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
768fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
769fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
770fe4.dfc: \Device\HarddiskVolume2\Windows\System32\profapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
771fe4.dfc: \Device\HarddiskVolume2\Windows\System32\profapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
772fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
773fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
774fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
775fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
776fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
777fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
778fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
779fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
780fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
781fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
782fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
783fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
784fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
785fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
786fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefc380000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
787fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
788fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
789fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd050000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
790fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
791fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc380000 'C:\Windows\system32\USERENV.dll'
792fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
793fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
794fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
795fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
796fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
797fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
798fe4.dfc: \Device\HarddiskVolume2\Windows\System32\gpapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
799fe4.dfc: \Device\HarddiskVolume2\Windows\System32\gpapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
800fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
801fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
802fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
803fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
804fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
805fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
806fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
807fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
808fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
809fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
810fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
811fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
812fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefc360000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
813fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
814fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc360000 'C:\Windows\system32\GPAPI.dll'
815fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
816fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
817fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-Management-L1-1-0.dll'
818fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
819fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
820fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd420000 'C:\Windows\system32\rpcrt4.dll'
821fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
822fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
823fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-Management-L2-1-0.dll'
824fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
825fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
826fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
827fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
828fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
829fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
830fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.
831fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
832fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
833fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
834fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
835fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
836fe4.dfc: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
837fe4.dfc: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
838fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
839fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
840fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
841fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
842fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
843fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
844fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
845fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
846fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
847fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
848fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
849fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
850fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
851fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
852fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef5e10000 LB 0x00026000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
853fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
854fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd7e0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
855fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
856fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
857fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
858fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
859fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
860fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
861fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
862fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
863fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
864fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
865fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
866fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
867fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
868fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
869fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
870fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
871fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
872fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
873fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
874fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
875fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
876fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
877fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
878fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
879fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
880fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
881fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
882fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
883fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
884fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
885fe4.dfc: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
886fe4.dfc: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
887fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
888fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
889fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
890fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
891fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
892fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
893fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
894fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
895fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
896fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
897fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
898fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
899fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
900fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
901fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
902fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
903fe4.dfc: supR3HardenedDllNotificationCallback: load 000007feff0c0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
904fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
905fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0c0000 'C:\Windows\system32\SHLWAPI.dll'
906fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
907fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
908fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
909fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
910fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
911fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd050000 'C:\Windows\system32\profapi.dll'
912fe4.dfc: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
913fe4.dfc: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
914fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
915fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
916fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
917fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
918fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
919fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
920fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
921fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
922fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
923fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
924fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
925fe4.dfc: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
926fe4.dfc: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
927fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
928fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
929fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
930fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
931fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
932fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
933fe4.dfc: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
934fe4.dfc: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
935fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
936fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
937fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
938fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
939fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
940fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
941fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
942fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
943fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
944fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
945fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
946fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
947fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
948fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
949fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
950fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
951fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
952fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
953fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
954fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
955fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
956fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
957fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
958fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
959fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
960fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
961fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
962fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
963fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
964fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
965fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
966fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
967fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
968fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
969fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
970fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
971fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
972fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
973fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
974fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
975fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
976fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
977fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
978fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
979fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
980fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
981fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
982fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
983fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
984fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
985fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
986fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
987fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
988fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
989fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
990fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
991fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
992fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
993fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
994fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
995fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
996fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
997fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
998fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
999fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1000fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1001fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1002fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1003fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1004fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1005fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1006fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1007fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1008fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1009fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1010fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1011fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1012fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\setupapi.dll (Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1013fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
1014fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefea10000 LB 0x001d7000 C:\Windows\system32\setupapi.dll [fFlags=0x0]
1015fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
1016fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd2b0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1017fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
1018fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefed30000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1019fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
1020fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd850000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1021fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
1022fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd2f0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1023fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
1024fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1025fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1026fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1027fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\setupapi.dll'
1028fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cabinet.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1029fe4.dfc: \Device\HarddiskVolume2\Windows\System32\cabinet.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1030fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1031fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cabinet.dll)
1032fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cabinet.dll
1033fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1034fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1035fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1036fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll (Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1037fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
1038fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef7560000 LB 0x0001b000 C:\Windows\system32\Cabinet.dll [fFlags=0x0]
1039fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
1040fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7560000 'C:\Windows\system32\Cabinet.dll'
1041fe4.dfc: \Device\HarddiskVolume2\Windows\System32\devrtl.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1042fe4.dfc: \Device\HarddiskVolume2\Windows\System32\devrtl.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1043fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1044fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
1045fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
1046fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1047fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1048fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1049fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll (Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1050fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
1051fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefc3a0000 LB 0x00012000 C:\Windows\system32\DEVRTL.dll [fFlags=0x0]
1052fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
1053fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3a0000 'C:\Windows\system32\DEVRTL.dll'
1054fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fefea10000 LB 0x001d7000 C:\Windows\system32\setupapi.dll [flags=0x0]
1055fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fefd2f0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [flags=0x0]
1056fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fefed30000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [flags=0x0]
1057fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fefd850000 LB 0x00203000 C:\Windows\system32\ole32.dll [flags=0x0]
1058fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fefd2b0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [flags=0x0]
1059fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1060fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5e10000 'C:\Windows\system32\cryptnet.dll'
1061fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1062fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000009456d0
1063fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1064fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6463B603CF12442718467D754A1EDC45CE1D6E7E
1065fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1066fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1067fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1068fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1069fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1070fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1071fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1072fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1073fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1074fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1075fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1076fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
1077fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1078fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1079fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1080fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1081fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1082fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1083fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\SystemRoot\System32\ntdll.dll'
1084fe4.dfc: g_pfnWinVerifyTrust=000007fefd271010
1085fe4.dfc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1086fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
1087fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1088fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1089fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=766DAE0DAEDFFD0DB96611658C619DD5922D2FEC
1090fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1091fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1092fe4.dfc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1093fe4.dfc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1094fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
1095fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1096fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1097fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E8D9B442D9CC38B2D0501106E104A42A4EE0B238
1098fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1099fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1100fe4.dfc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1101fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000450 pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
1102fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1103fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1104fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
1105fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
1106fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1107fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
1108fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume2\Windows\System32\cabinet.dll
1109fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1110fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1111fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D1555851298EA005A2E9FEA027F5898BC240083
1112fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
1113fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1114fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
1115fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000040c pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1116fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1117fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1118fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
1119fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1120fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1121fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1122fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000408 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1123fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1124fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1125fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1126fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1127fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1128fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1129fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000404 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1131fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1132fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=26A5C3FE898CBD66951D3BC65E742E0BE561E69B
1133fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1134fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1135fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1136fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003fc pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1137fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1138fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1139fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1140fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1141fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1142fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1143fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f8 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1144fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1145fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1146fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1147fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1148fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1149fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1150fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ec pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1151fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1152fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1153fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1154fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1155fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1156fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1157fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1158fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1159fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1160fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1161fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1162fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1163fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1164fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003dc pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1165fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1166fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1167fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CA2FE16E05087DA5C24DC5EB2EE8053CDA5DE9A9
1168fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1169fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1170fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1171fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000278 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
1172fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1173fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1174fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
1175fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1176fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1177fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1178fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001e4 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
1179fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1180fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1181fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1182fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1183fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1184fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1185fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001e0 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
1186fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1187fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1188fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1189fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1190fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1191fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1192fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1193fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1194fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1195fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3D482C50075646C922DC6A66C97956C5060C361B
1196fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1197fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1198fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1199fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b4 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
1200fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1201fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1202fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
1203fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1204fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1205fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1206fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b0 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
1207fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1208fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1209fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1210fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1211fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1212fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1213fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
1214fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1215fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1216fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97AE9B5B40144F2794F30A891013393C80D631A1
1217fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1218fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1219fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1220fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
1221fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1222fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1223fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37
1224fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1225fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1226fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1227fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
1228fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1229fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1230fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8F7179D2AEB0FEB168A01D182223AC2D7B8F331
1231fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1232fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1233fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1234fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
1235fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1236fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1237fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
1238fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
1239fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1240fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
1241fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1242fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1243fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1244fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFE89CF1060867A10BD3963894BCDB4D3058F804
1245fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1246fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1247fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1248fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1249fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1250fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1251fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
1252fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1253fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1254fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1255fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1256fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1257fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1258fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1259fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
1260fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1261fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1262fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1263fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
1264fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1265fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1266fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1267fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1268fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1269fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1270fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
1271fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1272fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1273fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBCDF817D89920EE3139FB7E090744EB36A4A21B
1274fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1275fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1276fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1277fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1278fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1279fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1280fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1281fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1282fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1283fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1284fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1285fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1286fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1287fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1288fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBEAC8C0FA88C88B540ACFE0683B1810C077AA53
1289fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1290fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1291fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1292fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
1293fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1294fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1295fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1296fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1297fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1298fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1299fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1300fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1301fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1302fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BC4D9E909DFDD2EE8BA1A5C857D73D49EBE7952C
1303fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1304fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1305fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1306fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSupLib.dll'
1307fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1308fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1309fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1310fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=06FEC3C858DB28D2F4BFBDA99AF14D4747A8C5D4
1311fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1312fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1313fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1314fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1315fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1316fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1317fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D7AE634A00F24BBD4AE27DEA9BCCCE222DE9897B
1318fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1319fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1320fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1321fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1322fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1323fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd100000 'C:\Windows\system32\crypt32.dll'
1324fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1325fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1326fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1327fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1328fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1329fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1330fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1331fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1332fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1333fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1334fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1335fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1336fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1337fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1338fe4.dfc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1339fe4.dfc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=15
1340fe4.dfc: SUPR3HardenedMain: Load Runtime...
1341fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1342fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1343fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1344fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1345fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll) WinVerifyTrust
1346fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1347fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1348fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1349fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1350fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1351fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1352fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1353fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1354fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1355fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1356fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1357fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1358fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1359fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1360fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1361fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1362fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
1363fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1364fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1365fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1366fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1367fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll) WinVerifyTrust
1368fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1369fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1370fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1371fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll) WinVerifyTrust
1372fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1373fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1374fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1375fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1376fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1377fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1378fe4.dfc: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1379fe4.dfc: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1380fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000454 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
1381fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1382fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1383fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1384fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
1385fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1386fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) WinVerifyTrust
1387fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1388fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1389fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1390fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1391fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1392fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1393fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1394fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef45c0000 LB 0x00595000 C:\Program Files\VirtualBox\VBoxRT.dll [fFlags=0x0]
1395fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1396fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1397fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000073de0000 LB 0x000d2000 C:\Program Files\VirtualBox\MSVCR100.dll [fFlags=0x0]
1398fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1399fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1400fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000073d40000 LB 0x00098000 C:\Program Files\VirtualBox\MSVCP100.dll [fFlags=0x0]
1401fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1402fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefee10000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1403fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1404fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd690000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1405fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
1406fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1407fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1408fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1409fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1410fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1411fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1412fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1413fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1414fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1415fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1416fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1417fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1418fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1419fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1420fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1421fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1422fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1423fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1424fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1425fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1426fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1427fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1428fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1429fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1430fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1431fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1432fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1433fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1434fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1435fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1436fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1437fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1438fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1439fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1440fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1441fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1442fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1443fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1444fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1445fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1446fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1447fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1448fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1449fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxRT.dll
1450fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1451fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1452fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1453fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1454fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45c0000 'C:\Program Files\VirtualBox\VBoxRT.dll'
1455fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1456fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1457fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd270000 'C:\Windows\system32\Wintrust.dll'
1458fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1459fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1460fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd100000 'C:\Windows\system32\crypt32.dll'
1461fe4.dfc: SUPR3HardenedMain: Load TrustedMain...
1462fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1463fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1464fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1465fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1466fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1467fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
1468fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
1469fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
1470fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1471fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1472fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1473fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1474fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1475fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1476fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
1477fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.dll) WinVerifyTrust
1478fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.dll
1479fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1480fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1481fe4.dfc: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1482fe4.dfc: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1483fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1484fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1485fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1486fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1487fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1488fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1489fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1490fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1491fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1492fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1493fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1494fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1495fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1496fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1497fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1498fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1499fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1500fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1501fe4.dfc: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1502fe4.dfc: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1503fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1504fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1505fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1506fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCF00DB9BBECF4126AB4076577BBA73C0F94BDF9
1507fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1508fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1509fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1510fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1511fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1512fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1513fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
1514fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1515fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1516fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1517fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1518fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1519fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1520fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1521fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1522fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1523fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1524fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1525fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1526fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1527fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5OpenGLVBox.dll
1528fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
1529fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
1530fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1531fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1532fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
1533fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1534fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1535fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1536fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
1537fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
1538fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
1539fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5PrintSupportVBox.dll
1540fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1541fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1542fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1543fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1544fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1545fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1546fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1547fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1548fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1549fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1550fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll
1551fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1552fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1553fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1554fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1555fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1556fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1557fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1558fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1559fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1560fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
1561fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1562fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1563fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1564fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1565fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1566fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1567fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1568fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1569fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1570fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1571fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1572fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
1573fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1574fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1575fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1576fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1577fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1578fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1579fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1580fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1581fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1582fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1583fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1584fe4.dfc: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1585fe4.dfc: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1586fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000049c pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1587fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1588fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1589fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1590fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1591fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1592fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1593fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1594fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1595fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1596fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1597fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1598fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) WinVerifyTrust
1599fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1600fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1601fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1602fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1603fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1604fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1605fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1606fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a0 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
1607fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1608fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1609fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1610fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
1611fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1612fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1613fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1614fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1615fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1616fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1617fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1618fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) WinVerifyTrust
1619fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1620fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1621fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1622fe4.dfc: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1623fe4.dfc: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1624fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b4 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
1625fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1626fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1627fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1628fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
1629fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1630fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1631fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1632fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1633fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) WinVerifyTrust
1634fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1635fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1636fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1637fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1638fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1639fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1640fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1641fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1642fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1643fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1644fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1645fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1646fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1647fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1648fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1649fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1650fe4.dfc: \Device\HarddiskVolume2\Windows\System32\mpr.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1651fe4.dfc: \Device\HarddiskVolume2\Windows\System32\mpr.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1652fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c4 pwszName=\Device\HarddiskVolume2\Windows\System32\mpr.dll
1653fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1654fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1655fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
1656fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\mpr.dll'
1657fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1658fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) WinVerifyTrust
1659fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
1660fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1661fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1662fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1663fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1664fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1665fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1666fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1667fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1668fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1669fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1670fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1671fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1672fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1673fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1674fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1675fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1676fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1677fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1678fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1679fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1680fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1681fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1682fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1683fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1684fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1685fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1686fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1687fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1688fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1689fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1690fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1691fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1692fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1693fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1694fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1695fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1696fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1697fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1698fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
1699fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1700fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1701fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1702fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1703fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1704fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1705fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1706fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1707fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1708fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1709fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1710fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1711fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1712fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1713fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1714fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1715fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
1716fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1717fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1718fe4.dfc: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1719fe4.dfc: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1720fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1721fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1722fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1723fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
1724fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
1725fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1726fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1727fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1728fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1729fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1730fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1731fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1732fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) WinVerifyTrust
1733fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1734fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1735fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1736fe4.dfc: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1737fe4.dfc: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1738fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d4 pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
1739fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1740fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1741fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
1742fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
1743fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1744fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1745fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1746fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1747fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) WinVerifyTrust
1748fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
1749fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1750fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1751fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1752fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1753fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1754fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1755fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1756fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1757fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll
1758fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1759fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1760fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1761fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1762fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1763fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1764fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1765fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1766fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1767fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1768fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1769fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1770fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1771fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1772fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll
1773fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1774fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1775fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1776fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1777fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1778fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1779fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1780fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1781fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1782fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1783fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1784fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1785fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1786fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1787fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1788fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1789fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1790fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1791fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1792fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1793fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1794fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1795fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1796fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1797fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1798fe4.dfc: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1799fe4.dfc: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1800fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
1801fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1802fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1803fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4D3B2DA266DE92D9E1311E30C810160CDC5BD5AA
1804fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
1805fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1806fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1807fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1808fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1809fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) WinVerifyTrust
1810fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
1811fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1812fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1813fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1814fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1815fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1816fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1817fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1818fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1819fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1820fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1821fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1822fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1823fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1824fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1825fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1826fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1827fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1828fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1829fe4.dfc: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1830fe4.dfc: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1831fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1832fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1833fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1834fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
1835fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1836fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1837fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1838fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1839fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1840fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) WinVerifyTrust
1841fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1842fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1843fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1844fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1845fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1846fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1847fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1848fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1849fe4.dfc: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1850fe4.dfc: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1851fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
1852fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
1853fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
1854fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3FEC714D729F7CAEB9B7A25E2012B6A6E9007F5
1855fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1856fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1857fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1858fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1859fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1860fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) WinVerifyTrust
1861fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1862fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1863fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1864fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1865fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1866fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1867fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1868fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1869fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1870fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1871fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1872fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1873fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1874fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1875fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1876fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1877fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1878fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1879fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1880fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1881fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1882fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1883fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1884fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1885fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1886fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1887fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.dll
1888fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef3bb0000 LB 0x00a06000 C:\Program Files\VirtualBox\VirtualBox.dll [fFlags=0x0]
1889fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VirtualBox.dll
1890fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1891fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef4db0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1892fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1893fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1894fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef4fe0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1895fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1896fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1897fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef3ab0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1898fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1899fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1900fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef86b0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1901fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1902fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefea10000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
1903fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1904fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd2b0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1905fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1906fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefed30000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1907fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1908fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd850000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1909fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1910fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd2f0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1911fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1912fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1913fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefb320000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1914fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1915fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1916fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000072e70000 LB 0x00565000 C:\Program Files\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1917fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1918fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefdc80000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1919fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1920fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
1921fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9730000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
1922fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
1923fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1924fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef34b0000 LB 0x005f7000 C:\Program Files\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1925fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
1926fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll
1927fe4.dfc: supR3HardenedDllNotificationCallback: load 0000000071f40000 LB 0x00561000 C:\Program Files\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1928fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5WidgetsVBox.dll
1929fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5PrintSupportVBox.dll
1930fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef3450000 LB 0x00051000 C:\Program Files\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
1931fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5PrintSupportVBox.dll
1932fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
1933fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9560000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
1934fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
1935fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefda60000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
1936fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1937fe4.dfc: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
1938fe4.dfc: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in WinSxS).
1939fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1940fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1941fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1942fe4.dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll)
1943fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
1944fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef7610000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll [fFlags=0x0]
1945fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [avoiding WinVerifyTrust]
1946fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5OpenGLVBox.dll
1947fe4.dfc: supR3HardenedDllNotificationCallback: load 00000000749f0000 LB 0x00054000 C:\Program Files\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1948fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5OpenGLVBox.dll
1949fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1950fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef7980000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
1951fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1952fe4.dfc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'.
1953fe4.dfc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [rescheduled]
1954fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
1955fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1956fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
1957fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1958fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1959fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1960fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1961fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1962fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1963fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1964fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1965fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd660000 'C:\Windows\system32\imm32.dll'
1966fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.DLL'
1967fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1968fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1969fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf80000 'C:\Windows\system32\cryptbase.dll'
1970fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3bb0000 'C:\Program Files\VirtualBox\VirtualBox.dll'
1971fe4.dfc: SUPR3HardenedMain: Calling TrustedMain (000007fef3bb14f0)...
1972fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1973fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1974fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd850000 'C:\Windows\system32\ole32.dll'
1975fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
1976fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
1977fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
1978fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd050000 'C:\Windows\system32\profapi.dll'
1979fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1980fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
1981fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1982fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1983fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1984fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
1985fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1986fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1987fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
1988fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
1989fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
1990fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
1991fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\platforms\qwindows.dll
1992fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1993fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1994fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1995fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1996fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5CoreVBox.dll
1997fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1998fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1999fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\Qt5GuiVBox.dll
2000fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2001fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2002fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2003fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2004fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2005fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2006fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2007fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2008fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2009fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2010fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2011fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2012fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2013fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2014fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2015fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2016fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2017fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2018fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2019fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2020fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2021fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2022fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\platforms\qwindows.dll
2023fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef3320000 LB 0x0012e000 C:\Program Files\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2024fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\platforms\qwindows.dll
2025fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3320000 'C:\Program Files\VirtualBox\platforms\qwindows.dll'
2026fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
2027fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2028fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf80000 'C:\Windows\system32\CRYPTBASE.dll'
2029fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076ee0000 'C:\Windows\system32\user32.dll'
2030fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2031fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2032fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc80000 'C:\Windows\system32\shell32.dll'
2033fe4.dfc: \Device\HarddiskVolume2\Windows\System32\Wintab32.dll: Owner is administrators group.
2034fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'wtsapi32.dll'.
2035fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2036fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2037fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
2038fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2039fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\Wintab32.dll) WinVerifyTrust
2040fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wintab32.dll
2041fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2042fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2043fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2044fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2045fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2046fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2047fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2048fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2049fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2050fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2051fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
2052fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wtsapi32.dll' [rcNtRedir=0xc0150008]
2053fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wtsapi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2054fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wtsapi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2055fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000588 pwszName=\Device\HarddiskVolume2\Windows\System32\wtsapi32.dll
2056fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2057fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2058fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E653B4F2F82EC27E9205DC90EBEB7A5AAB37A8B0
2059fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wtsapi32.dll'
2060fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2061fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2062fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wtsapi32.dll) WinVerifyTrust
2063fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wtsapi32.dll
2064fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2065fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2066fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2067fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\Wintab32.dll
2068fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef3150000 LB 0x001cb000 C:\Windows\system32\wintab32.dll [fFlags=0x0]
2069fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\Wintab32.dll
2070fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wtsapi32.dll
2071fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefb340000 LB 0x00011000 C:\Windows\system32\WTSAPI32.dll [fFlags=0x0]
2072fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wtsapi32.dll
2073fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3150000 'C:\Windows\system32\wintab32.dll'
2074fe4.dfc: Error (rc=0):
2075fe4.dfc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Wacom_Tablet.dll
2076fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
2077fe4.dfc: Error (rc=0):
2078fe4.dfc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Pen_Tablet.dll
2079fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
2080fe4.dfc: Error (rc=0):
2081fe4.dfc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\ISD_Tablet.dll
2082fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
2083fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2084fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2085fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
2086fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2087fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2088fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
2089fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2090fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2091fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc80000 'C:\Windows\system32\shell32.dll'
2092fe4.dfc: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2093fe4.dfc: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2094fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000590 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2095fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2096fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2097fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
2098fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
2099fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2100fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2101fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2102fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2103fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
2104fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2105fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2106fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2107fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2108fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2109fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2110fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2111fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2112fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2113fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefb9e0000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2114fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2115fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9e0000 'C:\Windows\system32\uxtheme.dll'
2116fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\advapi32.dll'
2117fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2118fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2119fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc380000 'C:\Windows\system32\userenv.dll'
2120fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2121fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2122fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'C:\Windows\system32\kernel32.dll'
2123fe4.dfc: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2124fe4.dfc: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2125fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000059c pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2126fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2127fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2128fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
2129fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
2130fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2131fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2132fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2133fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2134fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2135fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2136fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2137fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) WinVerifyTrust
2138fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2139fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2140fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2141fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2142fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2143fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2144fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2145fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2146fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2147fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2148fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
2149fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2150fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2151fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2152fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2153fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2154fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2155fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefdb00000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
2156fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2157fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb00000 'C:\Windows\system32\CLBCatQ.DLL'
2158fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2159fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2160fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
2161fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
2162fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2163fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca20000 'C:\Windows\system32\CRYPTSP.dll'
2164fe4.dfc: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2165fe4.dfc: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2166fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005c8 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2167fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2168fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2169fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
2170fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
2171fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2172fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2173fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
2174fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2175fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2176fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2177fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2178fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2179fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fefd030000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
2180fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2181fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd030000 'C:\Windows\system32\RpcRtRemote.dll'
2182fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2183fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2184fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2185fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2186fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2187fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2188fe4.1050: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxC.dll) WinVerifyTrust
2189fe4.1050: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxC.dll
2190fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2191fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2192fe4.1050: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2193fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2194fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2195fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2196fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2197fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2198fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2199fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2200fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2201fe4.1050: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
2202fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2203fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2204fe4.1050: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2205fe4.1050: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxC.dll
2206fe4.1050: supR3HardenedDllNotificationCallback: load 000007fef10c0000 LB 0x00546000 C:\Program Files\VirtualBox\VBoxC.dll [fFlags=0x0]
2207fe4.1050: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxC.dll
2208fe4.1050: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef10c0000 'C:\Program Files\VirtualBox\VBoxC.dll'
2209fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2210fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2211fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2212fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2213fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2214fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2215fe4.1050: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2216fe4.1050: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2217fe4.1050: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxProxyStub.dll
2218fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2219fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2220fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2221fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2222fe4.1050: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2223fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2224fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2225fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2226fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2227fe4.1050: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2228fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2229fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2230fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2231fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2232fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2233fe4.1050: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2234fe4.1050: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2235fe4.1050: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxProxyStub.dll
2236fe4.1050: supR3HardenedDllNotificationCallback: load 000007fef3090000 LB 0x000ba000 C:\Program Files\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2237fe4.1050: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxProxyStub.dll
2238fe4.1050: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3090000 'C:\Program Files\VirtualBox\VBoxProxyStub.dll'
2239fe4.1050: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2240fe4.1050: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000319c200:C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2241fe4.1050: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed30000 'C:\Windows\system32\oleaut32.dll'
2242fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
2243fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6a0000 'C:\Windows\system32\gdi32.dll'
2244fe4.dfc: \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll: Owner is administrators group.
2245fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006c8 pwszName=\Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2246fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2247fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2248fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0BAE97CCF37353CEC29DD8DDA0ACE75BB110451A
2249fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
2250fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000009456d0
2251fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2252fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0BAE97CCF37353CEC29DD8DDA0ACE75BB110451A
2253fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
2254fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
2255fe4.dfc: supHardenedWinVerifyImageByHandle: -> -22900 (\Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll) WinVerifyTrust
2256fe4.dfc: Error (rc=0):
2257fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll: Not signed.
2258fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2259fe4.dfc: Error (rc=0):
2260fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2261fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2262fe4.d00: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2263fe4.d00: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2264fe4.d00: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
2265fe4.d00: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2266fe4.d00: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2267fe4.d00: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2268fe4.d00: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2269fe4.d00: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2270fe4.d00: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2271fe4.d00: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2272fe4.d00: supR3HardenedDllNotificationCallback: load 000007fef7600000 LB 0x0000e000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
2273fe4.d00: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2274fe4.d00: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7600000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
2275fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2276fe4.dfc: Error (rc=0):
2277fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2278fe4.dfc: Error (rc=0):
2279fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2280fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2281fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2282fe4.dfc: Error (rc=0):
2283fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2284fe4.dfc: Error (rc=0):
2285fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2286fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2287fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2288fe4.dfc: Error (rc=0):
2289fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=3 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2290fe4.dfc: Error (rc=0):
2291fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2292fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2293fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2294fe4.dfc: Error (rc=0):
2295fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2296fe4.dfc: Error (rc=0):
2297fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2298fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2299fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2300fe4.dfc: Error (rc=0):
2301fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2302fe4.dfc: Error (rc=0):
2303fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2304fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2305fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2306fe4.dfc: Error (rc=0):
2307fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=6 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2308fe4.dfc: Error (rc=0):
2309fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2310fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2311fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2312fe4.dfc: Error (rc=0):
2313fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=7 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2314fe4.dfc: Error (rc=0):
2315fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2316fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2317fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2318fe4.dfc: Error (rc=0):
2319fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=8 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2320fe4.dfc: Error (rc=0):
2321fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2322fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2323fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2324fe4.dfc: Error (rc=0):
2325fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2326fe4.dfc: Error (rc=0):
2327fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2328fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2329fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2330fe4.dfc: Error (rc=0):
2331fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2332fe4.dfc: Error (rc=0):
2333fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2334fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2335fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2336fe4.dfc: Error (rc=0):
2337fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2338fe4.dfc: Error (rc=0):
2339fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2340fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2341fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2342fe4.dfc: Error (rc=0):
2343fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2344fe4.dfc: Error (rc=0):
2345fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2346fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2347fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2348fe4.dfc: Error (rc=0):
2349fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2350fe4.dfc: Error (rc=0):
2351fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2352fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2353fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2354fe4.dfc: Error (rc=0):
2355fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=512 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2356fe4.dfc: Error (rc=0):
2357fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2358fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2359fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2360fe4.dfc: Error (rc=0):
2361fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1024 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2362fe4.dfc: Error (rc=0):
2363fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2364fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2365fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2366fe4.dfc: Error (rc=0):
2367fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2048 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
2368fe4.dfc: Error (rc=0):
2369fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
2370fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
2371fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc80000 'C:\Windows\system32\shell32.dll'
2372fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd850000 'C:\Windows\system32\ole32.dll'
2373fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd850000 'C:\Windows\system32\ole32.dll'
2374fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed30000 'C:\Windows\system32\OLEAUT32.dll'
2375fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2376fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2377fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000948 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2378fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2379fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2380fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
2381fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB976902~31bf3856ad364e35~amd64~~6.1.1.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
2382fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2383fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2384fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
2385fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2386fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2387fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
2388fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2389fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2390fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2391fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2392fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2393fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2394fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2395fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2396fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2397fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2398fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2399fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2400fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2401fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2402fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2403fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2404fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000954 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2405fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2406fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2407fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
2408fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB976902~31bf3856ad364e35~amd64~~6.1.1.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
2409fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2410fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2411fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2412fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2413fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2414fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2415fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll) WinVerifyTrust
2416fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2417fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2418fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2419fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2420fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2421fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2422fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2423fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2424fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2425fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2426fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2427fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2428fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2429fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2430fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000031255f0:C:\Windows\system32\wbem;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2431fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2432fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9d40000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2433fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2434fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2435fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9ff0000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
2436fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2437fe4.dfc: supR3HardenedIsApiSetDll: '<NULL>' -> true
2438fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2439fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fe0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2440fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d40000 'C:\Windows\system32\wbem\wbemprox.dll'
2441fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2442fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2443fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000097c pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2444fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2445fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2446fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
2447fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
2448fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2449fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2450fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2451fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2452fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2453fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2454fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2455fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
2456fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2457fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2458fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000031255f0:C:\Windows\system32\wbem;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2459fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2460fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9850000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2461fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2462fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9850000 'C:\Windows\system32\wbem\wbemsvc.dll'
2463fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2464fe4.dfc: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2465fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000984 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2466fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2467fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2468fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
2469fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB976902~31bf3856ad364e35~amd64~~6.1.1.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
2470fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2471fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2472fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
2473fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2474fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2475fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2476fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
2477fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2478fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2479fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
2480fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
2481fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2482fe4.dfc: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2483fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000990 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2484fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2485fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2486fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
2487fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
2488fe4.dfc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2489fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2490fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2491fe4.dfc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
2492fe4.dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll) WinVerifyTrust
2493fe4.dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2494fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2495fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2496fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2497fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2498fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2499fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2500fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2501fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2502fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2503fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2504fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2505fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2506fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2507fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2508fe4.dfc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2509fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2510fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2511fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2512fe4.dfc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2513fe4.dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000031255f0:C:\Windows\system32\wbem;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2514fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2515fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9ec0000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2516fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2517fe4.dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2518fe4.dfc: supR3HardenedDllNotificationCallback: load 000007fef9e90000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
2519fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2520fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ec0000 'C:\Windows\system32\wbem\fastprox.dll'
2521fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed30000 'C:\Windows\system32\OLEAUT32.dll'
2522fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2523fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2524fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2525fe4.abc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2526fe4.abc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2527fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2528fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2529fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2530fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2531fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2532fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2533fe4.abc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2534fe4.abc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxREM.dll) WinVerifyTrust
2535fe4.abc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxREM.dll
2536fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2537fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2538fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2539fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2540fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2541fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2542fe4.abc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2543fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2544fe4.abc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2545fe4.abc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2546fe4.abc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2547fe4.abc: supR3HardenedDllNotificationCallback: load 000007fef0df0000 LB 0x002ca000 C:\Program Files\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2548fe4.abc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2549fe4.abc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxREM.dll
2550fe4.abc: supR3HardenedDllNotificationCallback: load 0000000073c30000 LB 0x0010b000 C:\Program Files\VirtualBox\VBoxREM.dll [fFlags=0x0]
2551fe4.abc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxREM.dll
2552fe4.abc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0df0000 'C:\Program Files\VirtualBox\VBoxVMM.DLL'
2553fe4.12c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2554fe4.12c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2555fe4.12c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2556fe4.12c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2557fe4.12c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2558fe4.12c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedClipboard.dll
2559fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2560fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2561fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2562fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2563fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2564fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2565fe4.12c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2566fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2567fe4.12c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2568fe4.12c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2569fe4.12c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedClipboard.dll
2570fe4.12c0: supR3HardenedDllNotificationCallback: load 000007fef64b0000 LB 0x0000b000 C:\Program Files\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2571fe4.12c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedClipboard.dll
2572fe4.12c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef64b0000 'C:\Program Files\VirtualBox\VBoxSharedClipboard.DLL'
2573fe4.12c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076ee0000 'C:\Windows\system32\User32.dll'
2574fe4.5d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2575fe4.5d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2576fe4.5d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2577fe4.5d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2578fe4.5d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDragAndDropSvc.dll
2579fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2580fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2581fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2582fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2583fe4.5d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll
2584fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2585fe4.5d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2586fe4.5d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll
2587fe4.5d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2588fe4.5d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDragAndDropSvc.dll
2589fe4.5d4: supR3HardenedDllNotificationCallback: load 000007fef4fd0000 LB 0x0000d000 C:\Program Files\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2590fe4.5d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDragAndDropSvc.dll
2591fe4.5d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4fd0000 'C:\Program Files\VirtualBox\VBoxDragAndDropSvc.DLL'
2592fe4.105c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2593fe4.105c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2594fe4.105c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2595fe4.105c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
2596fe4.105c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestPropSvc.dll
2597fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2598fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2599fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2600fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2601fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2602fe4.105c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2603fe4.105c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2604fe4.105c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestPropSvc.dll
2605fe4.105c: supR3HardenedDllNotificationCallback: load 000007fef4fc0000 LB 0x0000c000 C:\Program Files\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
2606fe4.105c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestPropSvc.dll
2607fe4.105c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4fc0000 'C:\Program Files\VirtualBox\VBoxGuestPropSvc.DLL'
2608fe4.10cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2609fe4.10cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2610fe4.10cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2611fe4.10cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
2612fe4.10cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestControlSvc.dll
2613fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2614fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2615fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2616fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2617fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2618fe4.10cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2619fe4.10cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2620fe4.10cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestControlSvc.dll
2621fe4.10cc: supR3HardenedDllNotificationCallback: load 000007fef4fb0000 LB 0x0000b000 C:\Program Files\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
2622fe4.10cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxGuestControlSvc.dll
2623fe4.10cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4fb0000 'C:\Program Files\VirtualBox\VBoxGuestControlSvc.DLL'
2624fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc80000 'C:\Windows\system32\Shell32.dll'
2625fe4.9f8: supR3HardenedIsApiSetDll: '<NULL>' -> true
2626fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2627fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
2628fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2629fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2630fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0df0000 'C:\Program Files\VirtualBox\VBoxVMM.DLL'
2631fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2632fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2633fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2634fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2635fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2636fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
2637fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2638fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2639fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2640fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2641fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2642fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2643fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2644fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2645fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2646fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2647fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2648fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2649fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2650fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2c80000 LB 0x00041000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
2651fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2652fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c80000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
2653fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef2c80000 LB 0x00041000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
2654fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2655fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2656fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2657fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2658fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2659fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2660fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2661fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2662fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2663fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2664fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD.dll) WinVerifyTrust
2665fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD.dll
2666fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2667fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2668fe4.9f8: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2669fe4.9f8: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2670fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bc8 pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2671fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2672fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2673fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
2674fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
2675fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2676fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2677fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
2678fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
2679fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
2680fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2681fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2682fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2683fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2684fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2685fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2686fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2687fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2688fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2689fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2690fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2691fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2692fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2693fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2694fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2695fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2696fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2697fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD2.dll
2698fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2699fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2700fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2701fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2702fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2703fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2704fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2705fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2706fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDDU.dll
2707fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2708fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2709fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2710fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2711fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2712fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2713fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2714fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2715fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2716fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2717fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2718fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2719fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2720fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2721fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2722fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2723fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2724fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2725fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2726fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2727fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2728fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2729fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2730fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2731fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
2732fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
2733fe4.9f8: \Device\HarddiskVolume2\Windows\System32\winnsi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2734fe4.9f8: \Device\HarddiskVolume2\Windows\System32\winnsi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2735fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bb4 pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
2736fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2737fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2738fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
2739fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
2740fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2741fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2742fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2743fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
2744fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll) WinVerifyTrust
2745fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2746fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2747fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2748fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
2749fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2750fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2751fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2752fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2753fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
2754fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2755fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2756fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2757fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2758fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2759fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD.dll
2760fe4.9f8: supR3HardenedDllNotificationCallback: load 000007feede80000 LB 0x009cf000 C:\Program Files\VirtualBox\VBoxDD.DLL [fFlags=0x0]
2761fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD.dll
2762fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDDU.dll
2763fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef3020000 LB 0x00063000 C:\Program Files\VirtualBox\VBoxDDU.dll [fFlags=0x0]
2764fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDDU.dll
2765fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD2.dll
2766fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2cd0000 LB 0x0005d000 C:\Program Files\VirtualBox\VBoxDD2.dll [fFlags=0x0]
2767fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD2.dll
2768fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2769fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefada0000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
2770fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2771fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2772fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefad90000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
2773fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
2774fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feede80000 'C:\Program Files\VirtualBox\VBoxDD.DLL'
2775fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2776fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2777fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2778fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2c80000 LB 0x00041000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
2779fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2780fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c80000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
2781fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxC.dll
2782fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2783fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef10c0000 'C:\Program Files\VirtualBox\VBoxC.DLL'
2784fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxDD2.dll
2785fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2786fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2cd0000 'C:\Program Files\VirtualBox\VBoxDD2.DLL'
2787fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2788fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2789fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
2790fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2791fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2792fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2793fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2794fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2795fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2796fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2797fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2f30000 LB 0x0001f000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
2798fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2799fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2f30000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
2800fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2801fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2802fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
2803fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
2804fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2805fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2806fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2807fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2808fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2809fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
2810fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2c60000 LB 0x00018000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
2811fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
2812fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c60000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
2813fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2814fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2815fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
2816fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2817fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2818fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2819fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2820fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2821fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2822fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2823fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef0dd0000 LB 0x00018000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
2824fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2825fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0dd0000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
2826fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2827fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2828fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
2829fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2830fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2831fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2832fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2833fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2834fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2835fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2836fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef0db0000 LB 0x00019000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
2837fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2838fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0db0000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
2839fe4.1b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2840fe4.1b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2841fe4.1b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2842fe4.1b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
2843fe4.1b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedFolders.dll
2844fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2845fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2846fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2847fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2848fe4.1b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxVMM.dll
2849fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2850fe4.1b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2851fe4.1b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2852fe4.1b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedFolders.dll
2853fe4.1b0: supR3HardenedDllNotificationCallback: load 000007fef2f20000 LB 0x0000d000 C:\Program Files\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
2854fe4.1b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\VBoxSharedFolders.dll
2855fe4.1b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2f20000 'C:\Program Files\VirtualBox\VBoxSharedFolders.DLL'
2856fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2857fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2858fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2859fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2860fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2861fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
2862fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2863fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2864fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2865fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2866fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2867fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2868fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2869fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2870fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2871fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2872fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2873fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2874fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2875fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2876fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2f50000 LB 0x000cd000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
2877fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2878fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2f50000 'C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
2879fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2880fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2881fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefada0000 'C:\Windows\system32\Iphlpapi.dll'
2882fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2883fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2884fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d4c pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
2885fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2886fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2887fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B9B444EEE6F858BAE572BDDE53A4FA1A1E7957B
2888fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll'
2889fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2890fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2891fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2892fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
2893fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll) WinVerifyTrust
2894fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
2895fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2896fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2897fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2898fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2899fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2900fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2901fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2902fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2903fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
2904fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefac20000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
2905fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
2906fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac20000 'C:\Windows\system32\dhcpcsvc6.DLL'
2907fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2908fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2909fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefada0000 'C:\Windows\system32\IPHLPAPI.DLL'
2910fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2911fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2912fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d68 pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
2913fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2914fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2915fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
2916fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll'
2917fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2918fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2919fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2920fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
2921fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
2922fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll) WinVerifyTrust
2923fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
2924fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2925fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2926fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
2927fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2928fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2929fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2930fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2931fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2932fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2933fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2934fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
2935fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefaae0000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
2936fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
2937fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaae0000 'C:\Windows\system32\dhcpcsvc.DLL'
2938fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2939fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2940fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefada0000 'C:\Windows\system32\IPHLPAPI.DLL'
2941fe4.9f8: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2942fe4.9f8: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2943fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ddc pwszName=\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2944fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2945fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2946fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
2947fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll'
2948fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2949fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2950fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2951fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2952fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
2953fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) WinVerifyTrust
2954fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2955fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
2956fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
2957fe4.9f8: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
2958fe4.9f8: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2959fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000de0 pwszName=\Device\HarddiskVolume2\Windows\System32\propsys.dll
2960fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
2961fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
2962fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
2963fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\propsys.dll'
2964fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2965fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2966fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
2967fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
2968fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2969fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2970fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\propsys.dll) WinVerifyTrust
2971fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll
2972fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2973fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2974fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2975fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2976fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2977fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2978fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2979fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2980fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2981fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2982fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2983fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2984fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2985fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2986fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2987fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2988fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003183b00:C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
2989fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2990fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefb4a0000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
2991fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
2992fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll
2993fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefb370000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
2994fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll
2995fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\ADVAPI32.dll'
2996fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb4a0000 'C:\Windows\System32\MMDevApi.dll'
2997fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd850000 'C:\Windows\system32\ole32.dll'
2998fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2999fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3000fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\SETUPAPI.dll'
3001fe4.80c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
3002fe4.80c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3003fe4.80c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2b0000 'C:\Windows\system32\CFGMGR32.dll'
3004fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dsound.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3005fe4.9f8: \Device\HarddiskVolume2\Windows\System32\dsound.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3006fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e40 pwszName=\Device\HarddiskVolume2\Windows\System32\dsound.dll
3007fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3008fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3009fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
3010fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dsound.dll'
3011fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3012fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3013fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3014fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3015fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3016fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
3017fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
3018fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dsound.dll) WinVerifyTrust
3019fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dsound.dll
3020fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
3021fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
3022fe4.9f8: \Device\HarddiskVolume2\Windows\System32\powrprof.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3023fe4.9f8: \Device\HarddiskVolume2\Windows\System32\powrprof.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3024fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e44 pwszName=\Device\HarddiskVolume2\Windows\System32\powrprof.dll
3025fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3026fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3027fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
3028fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\powrprof.dll'
3029fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3030fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3031fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
3032fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3033fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll) WinVerifyTrust
3034fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll
3035fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3036fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3037fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3038fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3039fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3040fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3041fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3042fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3043fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3044fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3045fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3046fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3047fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3048fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
3049fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3050fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3051fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3052fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3053fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000003183b00:C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3054fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3055fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef03e0000 LB 0x00088000 C:\Windows\System32\dsound.dll [fFlags=0x0]
3056fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3057fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\powrprof.dll
3058fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefa6a0000 LB 0x0002c000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
3059fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\powrprof.dll
3060fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3061fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3062fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef03e0000 'C:\Windows\System32\dsound.dll'
3063fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef03e0000 'C:\Windows\System32\dsound.dll'
3064fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3065fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3066fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef03e0000 'C:\Windows\system32\dsound.dll'
3067fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
3068fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3069fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0c0000 'C:\Windows\system32\SHLWAPI.dll'
3070fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3071fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3072fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb4a0000 'C:\Windows\system32\MMDEVAPI.DLL'
3073fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd850000 'C:\Windows\system32\ole32.dll'
3074fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3075fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3076fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
3077fe4.9f8: supR3HardenedIsApiSetDll: '<NULL>' -> true
3078fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3079fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-Management-L1-1-0.dll'
3080fe4.9f8: supR3HardenedIsApiSetDll: '<NULL>' -> true
3081fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3082fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
3083fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd420000 'C:\Windows\system32\RPCRT4.dll'
3084fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3085fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3086fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb4a0000 'C:\Windows\system32\MMDevAPI.DLL'
3087fe4.9f8: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3088fe4.9f8: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3089fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e60 pwszName=\Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3090fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3091fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3092fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
3093fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wdmaud.drv'
3094fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3095fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3096fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3097fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3098fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3099fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
3100fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
3101fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
3102fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
3103fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) WinVerifyTrust
3104fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3105fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3106fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3107fe4.9f8: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3108fe4.9f8: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3109fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e70 pwszName=\Device\HarddiskVolume2\Windows\System32\avrt.dll
3110fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3111fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3112fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
3113fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\avrt.dll'
3114fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3115fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) WinVerifyTrust
3116fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
3117fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3118fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3119fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3120fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
3121fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
3122fe4.9f8: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3123fe4.9f8: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3124fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e64 pwszName=\Device\HarddiskVolume2\Windows\System32\ksuser.dll
3125fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3126fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3127fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EC3873F9ACBE279185D3540F02128F42D21D0856
3128fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ksuser.dll'
3129fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3130fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3131fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) WinVerifyTrust
3132fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3133fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3134fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3135fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3136fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3137fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3138fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3139fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3140fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3141fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3142fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3143fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3144fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3145fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3146fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3147fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3148fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef0d70000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
3149fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3150fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3151fe4.9f8: supR3HardenedDllNotificationCallback: load 0000000074990000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
3152fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3153fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
3154fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fefa690000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
3155fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
3156fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3157fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3158fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3159fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3160fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3161fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3162fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3163fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3164fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3165fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3166fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3167fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3168fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3169fe4.9f8: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3170fe4.9f8: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3171fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e90 pwszName=\Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3172fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3173fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3174fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1B5BCEE9F60F75E176D19C778D9B6CD5DBEB84BB
3175fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\AudioSes.dll'
3176fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3177fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3178fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3179fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3180fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
3181fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3182fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
3183fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
3184fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) WinVerifyTrust
3185fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3186fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3187fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3188fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3189fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3190fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3191fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3192fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3193fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3194fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3195fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
3196fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3197fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3198fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3199fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3200fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3201fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3202fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3203fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3204fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef78d0000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
3205fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3206fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef78d0000 'C:\Windows\system32\AUDIOSES.DLL'
3207fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3208fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3209fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3210fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3211fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3212fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3213fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3214fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3215fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3216fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3217fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3218fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3219fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0d70000 'C:\Windows\system32\wdmaud.drv'
3220fe4.9f8: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3221fe4.9f8: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3222fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e58 pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.drv
3223fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3224fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3225fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
3226fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.drv'
3227fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3228fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3229fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3230fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3231fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
3232fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
3233fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) WinVerifyTrust
3234fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3235fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3236fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3237fe4.9f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3238fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3239fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3240fe4.9f8: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3241fe4.9f8: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3242fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e9c pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.dll
3243fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3244fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3245fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
3246fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.dll'
3247fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3248fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3249fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3250fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
3251fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
3252fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
3253fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) WinVerifyTrust
3254fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3255fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3256fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3257fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3258fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3259fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3260fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3261fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3262fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3263fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3264fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3265fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3266fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3267fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3268fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3269fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3270fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3271fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3272fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3273fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2dc0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
3274fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3275fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3276fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef0d50000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
3277fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3278fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3279fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3280fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3281fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3282fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3283fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3284fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3285fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3286fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3287fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3288fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3289fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3290fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3291fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3292fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3293fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3294fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3295fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3296fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3297fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3298fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3299fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2dc0000 'C:\Windows\system32\msacm32.drv'
3300fe4.9f8: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3301fe4.9f8: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3302fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e80 pwszName=\Device\HarddiskVolume2\Windows\System32\midimap.dll
3303fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3304fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3305fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
3306fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\midimap.dll'
3307fe4.9f8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3308fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3309fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
3310fe4.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
3311fe4.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) WinVerifyTrust
3312fe4.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
3313fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3314fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3315fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3316fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3317fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3318fe4.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3319fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3320fe4.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3321fe4.9f8: supR3HardenedDllNotificationCallback: load 000007fef2c50000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
3322fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3323fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c50000 'C:\Windows\system32\midimap.dll'
3324fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3325fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3326fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c50000 'C:\Windows\system32\midimap.dll'
3327fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3328fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3329fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c50000 'C:\Windows\system32\midimap.dll'
3330fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3331fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3332fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c50000 'C:\Windows\system32\midimap.dll'
3333fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
3334fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3335fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3336fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef03e0000 'C:\Windows\system32\dsound.dll'
3337fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
3338fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\WINMM.dll'
3339fe4.abc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed30000 'C:\Windows\system32\OLEAUT32.dll'
3340fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3341fe4.dfc: Error (rc=0):
3342fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=4096 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3343fe4.dfc: Error (rc=0):
3344fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
3345fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
3346fe4.11e0: \Device\HarddiskVolume2\Windows\System32\mswsock.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3347fe4.11e0: \Device\HarddiskVolume2\Windows\System32\mswsock.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3348fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f3c pwszName=\Device\HarddiskVolume2\Windows\System32\mswsock.dll
3349fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3350fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3351fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=622534330644BBBA6963C90CCFEC015B1518D5BA
3352fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\mswsock.dll'
3353fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3354fe4.11e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3355fe4.11e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
3356fe4.11e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3357fe4.11e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
3358fe4.11e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mswsock.dll) WinVerifyTrust
3359fe4.11e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mswsock.dll
3360fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3361fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3362fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3363fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3364fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3365fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3366fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3367fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3368fe4.11e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3369fe4.11e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mswsock.dll
3370fe4.11e0: supR3HardenedDllNotificationCallback: load 000007fefc860000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
3371fe4.11e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mswsock.dll
3372fe4.11e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc860000 'C:\Windows\system32\mswsock.dll'
3373fe4.11e0: \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 51 d2 fd c9 5e 14 43 73 0b 52 b2 bd f4 01 00 00)
3374fe4.11e0: \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
3375fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f50 pwszName=\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
3376fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009456d0
3377fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009456d0
3378fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
3379fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL'
3380fe4.11e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3381fe4.11e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
3382fe4.11e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL) WinVerifyTrust
3383fe4.11e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
3384fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3385fe4.11e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3386fe4.11e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3387fe4.11e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
3388fe4.11e0: supR3HardenedDllNotificationCallback: load 000007fefc270000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
3389fe4.11e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
3390fe4.11e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc270000 'C:\Windows\System32\wshtcpip.dll'
3391fe4.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3392fe4.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3393fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef03e0000 'C:\Windows\system32\dsound.dll'
3394fe4.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7980000 'C:\Windows\system32\winmm.dll'
3395fe4.7d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3396fe4.7d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000319d2e0:C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3397fe4.7d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef78d0000 'C:\Windows\System32\audioses.dll'
3398fe4.114c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
3399fe4.114c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008a3eb0:C:\Program Files\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ [calling]
3400fe4.114c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa690000 'C:\Windows\system32\avrt.dll'
3401fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3402fe4.dfc: Error (rc=0):
3403fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=8192 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3404fe4.dfc: Error (rc=0):
3405fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
3406fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
3407fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3408fe4.dfc: Error (rc=0):
3409fe4.dfc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16384 \Device\HarddiskVolume2\Program Files (x86)\Quick Macros 2\ver 0x2030307\qmhook64.dll
3410fe4.dfc: Error (rc=0):
3411fe4.dfc: supR3HardenedMonitor_LdrLoadDll: rejecting 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll' (c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll): rcNt=0xc0000190
3412fe4.dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'c:\program files (x86)\quick macros 2\ver 0x2030307\qmhook64.dll'
3413fe4.1b0: supR3HardenedDllNotificationCallback: Unload 000007fef2f20000 LB 0x0000d000 C:\Program Files\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
3414fe4.10cc: supR3HardenedDllNotificationCallback: Unload 000007fef4fb0000 LB 0x0000b000 C:\Program Files\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
3415fe4.105c: supR3HardenedDllNotificationCallback: Unload 000007fef4fc0000 LB 0x0000c000 C:\Program Files\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
3416fe4.5d4: supR3HardenedDllNotificationCallback: Unload 000007fef4fd0000 LB 0x0000d000 C:\Program Files\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
3417fe4.12c0: supR3HardenedDllNotificationCallback: Unload 000007fef64b0000 LB 0x0000b000 C:\Program Files\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
3418fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fefc270000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [flags=0x0]
3419fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef0db0000 LB 0x00019000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [flags=0x0]
3420fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef0dd0000 LB 0x00018000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [flags=0x0]
3421fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef2c60000 LB 0x00018000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [flags=0x0]
3422fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef2f30000 LB 0x0001f000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [flags=0x0]
3423fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef2c80000 LB 0x00041000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
3424fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007feede80000 LB 0x009cf000 C:\Program Files\VirtualBox\VBoxDD.DLL [flags=0x0]
3425fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef2cd0000 LB 0x0005d000 C:\Program Files\VirtualBox\VBoxDD2.dll [flags=0x0]
3426fe4.9f8: supR3HardenedDllNotificationCallback: Unload 000007fef3020000 LB 0x00063000 C:\Program Files\VirtualBox\VBoxDDU.dll [flags=0x0]
3427fe4.dfc: supR3HardenedDllNotificationCallback: Unload 000007fef7600000 LB 0x0000e000 C:\Program Files\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [flags=0x0]
3428fe4.dfc: Terminating the normal way: rcExit=0
3429e7c.df4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 176826 ms, the end);
343012d8.1364: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 177215 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy