VirtualBox

Ticket #9983: VBoxStartup.log

File VBoxStartup.log, 421.0 KB (added by raid, 10 years ago)
Line 
1558.1084: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2558.1084: Calling main()
3558.1084: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4558.1084: SUPR3HardenedMain: Respawn #1
5558.1084: System32: \Device\HarddiskVolume2\Windows\System32
6558.1084: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
7558.1084: ProgDir: \Device\HarddiskVolume2\Program Files
8558.1084: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
9558.1084: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
10558.1084: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
11558.1084: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
12558.1084: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
13558.1084: supR3HardNtEnableThreadCreation:
14558.1084: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007786c340 pvNtTerminateThread=00000000778917e0
15558.1084: supR3HardenedWinDoReSpawn(1): New child 6d8.1704 [kernel32].
16558.1084: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffd5000 cbPeb=0x380
17558.1084: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077840000 uNtDllChildAddr=0000000077840000
18558.1084: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007786c340 uNtTerminateThread=00000000778917e0
19558.1084: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007786c340 pvNtTerminateThread=00000000778917e0
20558.1084: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
21558.1084: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000240000 LB 0x1a9000
22558.1084: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
23558.1084: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077620000 LB 0x11f000
24558.1084: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
25558.1084: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefd6e0000 LB 0x6c000
26558.1084: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 31 ms
27558.1084: supR3HardNtEnableThreadCreation:
28558.1084: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
29558.1084: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
30558.1084: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
31558.1084: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
32558.1084: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
33558.1084: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
34558.1084: 0000000000041000-fffffffffff41fff 0x0001/0x0000 0x0000000
35558.1084: *0000000000140000-0000000000043fff 0x0000/0x0004 0x0020000
36558.1084: 000000000023c000-0000000000238fff 0x0104/0x0004 0x0020000
37558.1084: 000000000023f000-000000000023dfff 0x0004/0x0004 0x0020000
38558.1084: 0000000000240000-ffffffff88c3ffff 0x0001/0x0000 0x0000000
39558.1084: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40558.1084: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41558.1084: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
42558.1084: 0000000077972000-0000000077969fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
43558.1084: 000000007797a000-0000000077978fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
44558.1084: 000000007797b000-0000000077977fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
45558.1084: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
46558.1084: 00000000779e9000-00000000703f1fff 0x0001/0x0000 0x0000000
47558.1084: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
48558.1084: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
49558.1084: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
50558.1084: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
51558.1084: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
52558.1084: 000000013f511000-000000013f491fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
53558.1084: 000000013f590000-000000013f58efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
54558.1084: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
55558.1084: 000000013f5c8000-000000013f5befff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
56558.1084: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
57558.1084: 000000013f60a000-fffff8037f0b3fff 0x0001/0x0000 0x0000000
58558.1084: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
59558.1084: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
60558.1084: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
61558.1084: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
62558.1084: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
63558.1084: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
64558.1084: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
65558.1084: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
66558.1084: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
67558.1084: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
68558.1084: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
696d8.1704: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
706d8.1704: Calling main()
716d8.1704: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
726d8.1704: System32: \Device\HarddiskVolume2\Windows\System32
736d8.1704: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
746d8.1704: ProgDir: \Device\HarddiskVolume2\Program Files
756d8.1704: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
766d8.1704: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
776d8.1704: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
786d8.1704: supR3HardenedWinInit: Startup delay kludge #2/0: 125 ms, 8 sleeps
796d8.1704: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
806d8.1704: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
816d8.1704: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
826d8.1704: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
836d8.1704: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
846d8.1704: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
856d8.1704: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
866d8.1704: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
876d8.1704: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
886d8.1704: 00000000000b7000-000000000002dfff 0x0001/0x0000 0x0000000
896d8.1704: *0000000000140000-0000000000044fff 0x0000/0x0004 0x0020000
906d8.1704: 000000000023b000-0000000000238fff 0x0104/0x0004 0x0020000
916d8.1704: 000000000023d000-0000000000239fff 0x0004/0x0004 0x0020000
926d8.1704: 0000000000240000-00000000001affff 0x0001/0x0000 0x0000000
936d8.1704: *00000000002d0000-0000000000265fff 0x0004/0x0004 0x0020000
946d8.1704: 000000000033a000-00000000002a3fff 0x0000/0x0004 0x0020000
956d8.1704: *00000000003d0000-0000000000225fff 0x0004/0x0004 0x0020000
966d8.1704: 000000000057a000-ffffffff894d3fff 0x0001/0x0000 0x0000000
976d8.1704: *0000000077620000-000000007761efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
986d8.1704: 0000000077621000-0000000077585fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
996d8.1704: 00000000776bc000-000000007764dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1006d8.1704: 000000007772a000-0000000077727fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1016d8.1704: 000000007772c000-0000000077718fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1026d8.1704: 000000007773f000-000000007763dfff 0x0001/0x0000 0x0000000
1036d8.1704: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1046d8.1704: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1056d8.1704: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1066d8.1704: 0000000077972000-0000000077970fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1076d8.1704: 0000000077973000-0000000077971fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1086d8.1704: 0000000077974000-0000000077972fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1096d8.1704: 0000000077975000-0000000077972fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1106d8.1704: 0000000077977000-0000000077975fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1116d8.1704: 0000000077978000-0000000077976fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1126d8.1704: 0000000077979000-0000000077976fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1136d8.1704: 000000007797b000-0000000077979fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1146d8.1704: 000000007797c000-0000000077979fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1156d8.1704: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1166d8.1704: 00000000779e9000-00000000703f1fff 0x0001/0x0000 0x0000000
1176d8.1704: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
1186d8.1704: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
1196d8.1704: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
1206d8.1704: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1216d8.1704: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1226d8.1704: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
1236d8.1704: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1246d8.1704: 000000013f511000-000000013f491fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1256d8.1704: 000000013f590000-000000013f58efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1266d8.1704: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1276d8.1704: 000000013f5c8000-000000013f5befff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1286d8.1704: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1296d8.1704: 000000013f60a000-fffff80381533fff 0x0001/0x0000 0x0000000
1306d8.1704: *000007fefd6e0000-000007fefd6defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1316d8.1704: 000007fefd6e1000-000007fefd696fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1326d8.1704: 000007fefd72b000-000007fefd714fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1336d8.1704: 000007fefd741000-000007fefd73efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1346d8.1704: 000007fefd743000-000007fefd739fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1356d8.1704: 000007fefd74c000-000007fefb337fff 0x0001/0x0000 0x0000000
1366d8.1704: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
1376d8.1704: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
1386d8.1704: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1396d8.1704: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
1406d8.1704: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
1416d8.1704: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
1426d8.1704: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
1436d8.1704: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1446d8.1704: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1456d8.1704: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
1466d8.1704: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
1476d8.1704: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1486d8.1704: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1496d8.1704: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
1506d8.1704: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1516d8.1704: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
1526d8.1704: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
1536d8.1704: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1546d8.1704: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1556d8.1704: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1566d8.1704: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
1576d8.1704: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
1586d8.1704: 00000000000b7000-000000000002dfff 0x0001/0x0000 0x0000000
1596d8.1704: *0000000000140000-0000000000045fff 0x0000/0x0004 0x0020000
1606d8.1704: 000000000023a000-0000000000237fff 0x0104/0x0004 0x0020000
1616d8.1704: 000000000023c000-0000000000237fff 0x0004/0x0004 0x0020000
1626d8.1704: 0000000000240000-00000000001affff 0x0001/0x0000 0x0000000
1636d8.1704: *00000000002d0000-00000000001f7fff 0x0004/0x0004 0x0020000
1646d8.1704: 00000000003a8000-000000000037ffff 0x0000/0x0004 0x0020000
1656d8.1704: *00000000003d0000-0000000000225fff 0x0004/0x0004 0x0020000
1666d8.1704: 000000000057a000-0000000000573fff 0x0001/0x0000 0x0000000
1676d8.1704: *0000000000580000-000000000047ffff 0x0004/0x0004 0x0020000
1686d8.1704: *0000000000680000-0000000000611fff 0x0004/0x0004 0x0020000
1696d8.1704: 00000000006ee000-000000000055bfff 0x0000/0x0004 0x0020000
1706d8.1704: *0000000000880000-000000000075ffff 0x0004/0x0004 0x0020000
1716d8.1704: 00000000009a0000-ffffffff89d1ffff 0x0001/0x0000 0x0000000
1726d8.1704: *0000000077620000-000000007761efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1736d8.1704: 0000000077621000-0000000077585fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1746d8.1704: 00000000776bc000-000000007764dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1756d8.1704: 000000007772a000-0000000077727fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1766d8.1704: 000000007772c000-0000000077718fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1776d8.1704: 000000007773f000-000000007763dfff 0x0001/0x0000 0x0000000
1786d8.1704: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1796d8.1704: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1806d8.1704: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1816d8.1704: 0000000077972000-0000000077970fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1826d8.1704: 0000000077973000-0000000077971fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1836d8.1704: 0000000077974000-0000000077972fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1846d8.1704: 0000000077975000-0000000077972fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1856d8.1704: 0000000077977000-0000000077975fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1866d8.1704: 0000000077978000-0000000077976fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1876d8.1704: 0000000077979000-0000000077976fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1886d8.1704: 000000007797b000-0000000077979fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1896d8.1704: 000000007797c000-0000000077979fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1906d8.1704: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1916d8.1704: 00000000779e9000-00000000779e1fff 0x0001/0x0000 0x0000000
1926d8.1704: *00000000779f0000-00000000779eefff 0x0004/0x0004 0x0020000
1936d8.1704: 00000000779f1000-0000000070401fff 0x0001/0x0000 0x0000000
1946d8.1704: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
1956d8.1704: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
1966d8.1704: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
1976d8.1704: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1986d8.1704: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1996d8.1704: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
2006d8.1704: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2016d8.1704: 000000013f511000-000000013f490fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2026d8.1704: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2036d8.1704: 000000013f5c8000-000000013f5befff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2046d8.1704: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2056d8.1704: 000000013f60a000-fffff80381533fff 0x0001/0x0000 0x0000000
2066d8.1704: *000007fefd6e0000-000007fefd6defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2076d8.1704: 000007fefd6e1000-000007fefd696fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2086d8.1704: 000007fefd72b000-000007fefd714fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2096d8.1704: 000007fefd741000-000007fefd73efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2106d8.1704: 000007fefd743000-000007fefd739fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2116d8.1704: 000007fefd74c000-000007fefb337fff 0x0001/0x0000 0x0000000
2126d8.1704: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2136d8.1704: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
2146d8.1704: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2156d8.1704: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
2166d8.1704: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
2176d8.1704: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
2186d8.1704: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2196d8.1704: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2206d8.1704: SUPR3HardenedMain: Respawn #2
2216d8.1704: supR3HardNtEnableThreadCreation:
2226d8.1704: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
2236d8.1704: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
2246d8.1704: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
2256d8.1704: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2266d8.1704: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd480000 'C:\Windows\system32\apphelp.dll'
2276d8.1704: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007786c340 pvNtTerminateThread=00000000778917e0
2286d8.1704: supR3HardenedWinDoReSpawn(2): New child 1468.668 [kernel32].
2296d8.1704: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffdf000 cbPeb=0x380
2306d8.1704: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077840000 uNtDllChildAddr=0000000077840000
2316d8.1704: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007786c340 uNtTerminateThread=00000000778917e0
2326d8.1704: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007786c340 pvNtTerminateThread=00000000778917e0
2336d8.1704: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
2346d8.1704: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
2356d8.1704: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2366d8.1704: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
2376d8.1704: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000200000 LB 0x1a9000
2386d8.1704: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
2396d8.1704: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2406d8.1704: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
2416d8.1704: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077620000 LB 0x11f000
2426d8.1704: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
2436d8.1704: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2446d8.1704: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
2456d8.1704: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefd6e0000 LB 0x6c000
2466d8.1704: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 31 ms
2476d8.1704: supR3HardNtEnableThreadCreation:
2486d8.1704: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2496d8.1704: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2506d8.1704: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2516d8.1704: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
2526d8.1704: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
2536d8.1704: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
2546d8.1704: 0000000000041000-fffffffffff81fff 0x0001/0x0000 0x0000000
2556d8.1704: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000
2566d8.1704: 00000000001fc000-00000000001f8fff 0x0104/0x0004 0x0020000
2576d8.1704: 00000000001ff000-00000000001fdfff 0x0004/0x0004 0x0020000
2586d8.1704: 0000000000200000-ffffffff88bbffff 0x0001/0x0000 0x0000000
2596d8.1704: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2606d8.1704: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2616d8.1704: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2626d8.1704: 0000000077972000-0000000077969fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2636d8.1704: 000000007797a000-0000000077978fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2646d8.1704: 000000007797b000-0000000077977fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2656d8.1704: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2666d8.1704: 00000000779e9000-00000000703f1fff 0x0001/0x0000 0x0000000
2676d8.1704: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2686d8.1704: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2696d8.1704: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2706d8.1704: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
2716d8.1704: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2726d8.1704: 000000013f511000-000000013f491fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2736d8.1704: 000000013f590000-000000013f58efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2746d8.1704: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2756d8.1704: 000000013f5c8000-000000013f5befff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2766d8.1704: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2776d8.1704: 000000013f60a000-fffff8037f0b3fff 0x0001/0x0000 0x0000000
2786d8.1704: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2796d8.1704: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
2806d8.1704: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2816d8.1704: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
2826d8.1704: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
2836d8.1704: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
2846d8.1704: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2851468.668: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2861468.668: Calling main()
2871468.668: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2881468.668: System32: \Device\HarddiskVolume2\Windows\System32
2891468.668: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
2901468.668: ProgDir: \Device\HarddiskVolume2\Program Files
2911468.668: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
2921468.668: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
2931468.668: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
2941468.668: supR3HardenedWinInit: Startup delay kludge #2/0: 125 ms, 8 sleeps
2951468.668: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
2961468.668: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2971468.668: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
2981468.668: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
2991468.668: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3001468.668: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3011468.668: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3021468.668: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3031468.668: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
3041468.668: 00000000000b7000-000000000006dfff 0x0001/0x0000 0x0000000
3051468.668: *0000000000100000-0000000000004fff 0x0000/0x0004 0x0020000
3061468.668: 00000000001fb000-00000000001f8fff 0x0104/0x0004 0x0020000
3071468.668: 00000000001fd000-00000000001f9fff 0x0004/0x0004 0x0020000
3081468.668: *0000000000200000-0000000000055fff 0x0004/0x0004 0x0020000
3091468.668: 00000000003aa000-0000000000363fff 0x0001/0x0000 0x0000000
3101468.668: *00000000003f0000-0000000000385fff 0x0004/0x0004 0x0020000
3111468.668: 000000000045a000-00000000003c3fff 0x0000/0x0004 0x0020000
3121468.668: 00000000004f0000-ffffffff893bffff 0x0001/0x0000 0x0000000
3131468.668: *0000000077620000-000000007761efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3141468.668: 0000000077621000-0000000077585fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3151468.668: 00000000776bc000-000000007764dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3161468.668: 000000007772a000-0000000077727fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3171468.668: 000000007772c000-0000000077718fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3181468.668: 000000007773f000-000000007763dfff 0x0001/0x0000 0x0000000
3191468.668: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3201468.668: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3211468.668: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3221468.668: 0000000077972000-0000000077970fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3231468.668: 0000000077973000-0000000077971fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3241468.668: 0000000077974000-0000000077972fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3251468.668: 0000000077975000-0000000077972fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3261468.668: 0000000077977000-0000000077975fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3271468.668: 0000000077978000-0000000077976fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3281468.668: 0000000077979000-0000000077976fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3291468.668: 000000007797b000-0000000077979fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3301468.668: 000000007797c000-0000000077979fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3311468.668: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3321468.668: 00000000779e9000-00000000703f1fff 0x0001/0x0000 0x0000000
3331468.668: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
3341468.668: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
3351468.668: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
3361468.668: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3371468.668: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3381468.668: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
3391468.668: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3401468.668: 000000013f511000-000000013f491fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3411468.668: 000000013f590000-000000013f58efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3421468.668: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3431468.668: 000000013f5c8000-000000013f5befff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3441468.668: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3451468.668: 000000013f60a000-fffff80381533fff 0x0001/0x0000 0x0000000
3461468.668: *000007fefd6e0000-000007fefd6defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3471468.668: 000007fefd6e1000-000007fefd696fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3481468.668: 000007fefd72b000-000007fefd714fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3491468.668: 000007fefd741000-000007fefd73efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3501468.668: 000007fefd743000-000007fefd739fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3511468.668: 000007fefd74c000-000007fefb337fff 0x0001/0x0000 0x0000000
3521468.668: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
3531468.668: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
3541468.668: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
3551468.668: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
3561468.668: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
3571468.668: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
3581468.668: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
3591468.668: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3601468.668: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
3611468.668: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
3621468.668: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3631468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3641468.668: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
3651468.668: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3661468.668: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
3671468.668: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
3681468.668: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3691468.668: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3701468.668: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3711468.668: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3721468.668: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
3731468.668: 00000000000b7000-000000000006dfff 0x0001/0x0000 0x0000000
3741468.668: *0000000000100000-0000000000005fff 0x0000/0x0004 0x0020000
3751468.668: 00000000001fa000-00000000001f7fff 0x0104/0x0004 0x0020000
3761468.668: 00000000001fc000-00000000001f7fff 0x0004/0x0004 0x0020000
3771468.668: *0000000000200000-0000000000055fff 0x0004/0x0004 0x0020000
3781468.668: 00000000003aa000-0000000000363fff 0x0001/0x0000 0x0000000
3791468.668: *00000000003f0000-0000000000317fff 0x0004/0x0004 0x0020000
3801468.668: 00000000004c8000-000000000049ffff 0x0000/0x0004 0x0020000
3811468.668: *00000000004f0000-00000000003effff 0x0004/0x0004 0x0020000
3821468.668: *00000000005f0000-0000000000581fff 0x0004/0x0004 0x0020000
3831468.668: 000000000065e000-00000000004cbfff 0x0000/0x0004 0x0020000
3841468.668: *00000000007f0000-00000000006cffff 0x0004/0x0004 0x0020000
3851468.668: 0000000000910000-ffffffff89bfffff 0x0001/0x0000 0x0000000
3861468.668: *0000000077620000-000000007761efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3871468.668: 0000000077621000-0000000077585fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3881468.668: 00000000776bc000-000000007764dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3891468.668: 000000007772a000-0000000077727fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3901468.668: 000000007772c000-0000000077718fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3911468.668: 000000007773f000-000000007763dfff 0x0001/0x0000 0x0000000
3921468.668: *0000000077840000-000000007783efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3931468.668: 0000000077841000-000000007773efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3941468.668: 0000000077943000-0000000077913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3951468.668: 0000000077972000-0000000077970fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3961468.668: 0000000077973000-0000000077971fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3971468.668: 0000000077974000-0000000077972fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3981468.668: 0000000077975000-0000000077972fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3991468.668: 0000000077977000-0000000077975fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4001468.668: 0000000077978000-0000000077976fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4011468.668: 0000000077979000-0000000077976fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4021468.668: 000000007797b000-0000000077979fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4031468.668: 000000007797c000-0000000077979fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4041468.668: 000000007797e000-0000000077912fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4051468.668: 00000000779e9000-00000000779e1fff 0x0001/0x0000 0x0000000
4061468.668: *00000000779f0000-00000000779eefff 0x0004/0x0004 0x0020000
4071468.668: 00000000779f1000-0000000070401fff 0x0001/0x0000 0x0000000
4081468.668: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
4091468.668: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
4101468.668: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
4111468.668: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4121468.668: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4131468.668: 000000007fff0000-ffffffffc0acffff 0x0001/0x0000 0x0000000
4141468.668: *000000013f510000-000000013f50efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4151468.668: 000000013f511000-000000013f490fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4161468.668: 000000013f591000-000000013f559fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4171468.668: 000000013f5c8000-000000013f5befff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4181468.668: 000000013f5d1000-000000013f597fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4191468.668: 000000013f60a000-fffff80381533fff 0x0001/0x0000 0x0000000
4201468.668: *000007fefd6e0000-000007fefd6defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4211468.668: 000007fefd6e1000-000007fefd696fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4221468.668: 000007fefd72b000-000007fefd714fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4231468.668: 000007fefd741000-000007fefd73efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4241468.668: 000007fefd743000-000007fefd739fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4251468.668: 000007fefd74c000-000007fefb337fff 0x0001/0x0000 0x0000000
4261468.668: *000007feffb60000-000007feffb5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
4271468.668: 000007feffb61000-000007fdff711fff 0x0001/0x0000 0x0000000
4281468.668: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
4291468.668: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
4301468.668: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
4311468.668: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
4321468.668: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
4331468.668: SUPR3HardenedMain: Final process, opening VBoxDrv...
4341468.668: supR3HardNtEnableThreadCreation:
4351468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000470200:C:\Windows\system32
4361468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4371468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4381468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4391468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
4401468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4411468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef19b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4421468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
4431468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4441468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef19b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4451468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef19b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4461468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=0000000000470200:C:\Windows\system32
4471468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4481468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
4491468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4501468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4511468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
4521468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
4531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4541468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
4551468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
4561468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
4571468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4581468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
4591468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
4601468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
4611468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
4631468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4641468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4651468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
4661468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
4671468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4681468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
4691468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
4701468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
4711468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4721468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
4731468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4741468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4751468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
4761468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4771468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4781468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd900000 'C:\Windows\system32\Wintrust.dll'
4791468.668: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
4801468.668: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
4811468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
4821468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
4831468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4841468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\CRYPTSP.dll'
4851468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
4861468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4871468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
4881468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
4891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4901468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
4911468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4921468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4931468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb80000 'C:\Windows\system32\rsaenh.dll'
4941468.668: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
4951468.668: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
4961468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4971468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4981468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
4991468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
5001468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
5021468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5051468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5061468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5071468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
5081468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
5091468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
5101468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
5111468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
5121468.668: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5131468.668: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
5141468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
5151468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
5161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5171468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
5181468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5211468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5221468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5231468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4e0000 'C:\Windows\system32\CRYPTBASE.dll'
5241468.668: supR3HardenedMonitor_LdrLoadDll: pName=kernel32.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5251468.668: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\Windows\system32\kernel32.dll' [rcNt=0xc0150008]
5261468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
5271468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
5281468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077620000 'C:\Windows\system32\kernel32.dll'
5291468.668: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5301468.668: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
5311468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5321468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd900000 'C:\Windows\system32\WINTRUST.DLL'
5331468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5341468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5351468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd770000 'C:\Windows\system32\CRYPT32.dll'
5361468.668: supR3HardenedMonitor_LdrLoadDll: pName=imagehlp.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5371468.668: supR3HardenedMonitor_LdrLoadDll: 'imagehlp.dll' -> 'C:\Windows\system32\imagehlp.dll' [rcNt=0xc0150008]
5381468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5391468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
5401468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
5411468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
5421468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
5431468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
5441468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5451468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5461468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5471468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5481468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5491468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee70000 'C:\Windows\system32\imagehlp.dll'
5501468.668: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5511468.668: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
5521468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5531468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\CRYPTSP.dll'
5541468.668: supR3HardenedMonitor_LdrLoadDll: pName=USER32.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5551468.668: supR3HardenedMonitor_LdrLoadDll: 'USER32.dll' -> 'C:\Windows\system32\USER32.dll' [rcNt=0xc0150008]
5561468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
5571468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
5581468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
5591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
5611468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
5621468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
5631468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
5641468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
5651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
5661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
5671468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
5681468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
5691468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
5701468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
5711468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
5721468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5731468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
5741468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
5751468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
5761468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
5771468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5781468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
5791468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
5801468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
5811468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
5821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5831468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
5841468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
5851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5861468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
5871468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5881468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
5901468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5911468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5921468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
5931468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
5941468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5951468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5961468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5971468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
5981468.668: supR3HardenedMonitor_LdrLoadDll: pName=gdi32.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
5991468.668: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
6001468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6011468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda40000 'C:\Windows\system32\gdi32.dll'
6021468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
6031468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
6041468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
6051468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
6061468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
6071468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
6081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
6091468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
6101468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6111468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
6121468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
6131468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
6141468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
6151468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
6161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6171468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6181468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6211468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6221468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
6231468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
6241468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6251468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6261468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6271468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6281468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6291468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6301468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
6331468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6341468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6351468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff6b0000 'C:\Windows\system32\IMM32.DLL'
6361468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll *pfFlags=0x0 pwszSearchPath=00000000004509d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
6371468.668: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
6381468.668: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
6391468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
6401468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6411468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nvinitx.dll)
6421468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll
6431468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6441468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
6451468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
6461468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6471468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6481468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6491468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
6501468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
6511468.668: \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
6521468.668: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll)
6531468.668: Error (rc=0):
6541468.668: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll'.
6551468.668: Error (rc=0):
6561468.668: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll': rcNt=0xc0000190
6571468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll'
6581468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NV\igdumd64.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
6591468.668: \Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
6601468.668: \Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
6611468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
6621468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6631468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
6641468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
6651468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll)
6661468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll
6671468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
6681468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
6691468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
6701468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
6711468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
6721468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
6731468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
6741468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
6751468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
6761468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
6771468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
6781468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6791468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6801468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6811468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
6831468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
6841468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6861468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6871468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
6881468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
6891468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6901468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
6911468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
6921468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
6931468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
6941468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
6951468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
6961468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6971468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
6981468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
6991468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
7001468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
7011468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
7021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
7041468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
7051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7061468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7071468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7091468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
7101468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
7111468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7121468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7131468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7141468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
7151468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
7161468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7171468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
7181468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
7191468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
7201468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
7211468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7221468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
7231468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7241468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7251468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7261468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7271468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7281468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7291468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7301468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
7321468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
7331468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7341468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
7351468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
7361468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7371468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7381468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7391468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7401468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7411468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7421468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
7431468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
7441468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7451468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
7461468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
7471468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
7481468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
7491468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
7501468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
7511468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
7521468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
7531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7541468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7551468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7561468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7571468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7581468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
7611468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
7621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7631468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
7641468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
7651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7671468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7681468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll [lacks WinVerifyTrust]
7691468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
7701468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077620000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
7711468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec9f0000 'C:\Windows\system32\NV\igdumd64.dll'
7721468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NV\igd10umd64.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
7731468.668: \Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
7741468.668: \Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
7751468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
7761468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
7771468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
7781468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
7791468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll)
7801468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll
7811468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
7821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
7831468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
7841468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
7851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
7861468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
7871468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7881468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
7891468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7901468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7911468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
7921468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
7931468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll [lacks WinVerifyTrust]
7941468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7b00000 'C:\Windows\system32\NV\igd10umd64.dll'
7951468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NV\igd10umd64.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
7961468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll [lacks WinVerifyTrust]
7971468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7b00000 'C:\Windows\system32\NV\igd10umd64.dll'
7981468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5b0000 'C:\Windows\system32\nvinitx.dll'
7991468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\USER32.dll'
8001468.668: supR3HardenedMonitor_LdrLoadDll: pName=ncrypt.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8011468.668: supR3HardenedMonitor_LdrLoadDll: 'ncrypt.dll' -> 'C:\Windows\system32\ncrypt.dll' [rcNt=0xc0150008]
8021468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
8031468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
8041468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
8051468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
8061468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
8071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
8081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
8091468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
8101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8111468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
8121468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8131468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
8141468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
8151468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
8161468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
8171468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
8181468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
8191468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd000000 'C:\Windows\system32\ncrypt.dll'
8201468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8211468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
8221468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
8231468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
8241468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
8251468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
8261468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
8271468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
8281468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8291468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
8301468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8311468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
8321468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcac0000 'C:\Windows\system32\bcryptprimitives.dll'
8331468.668: supR3HardenedMonitor_LdrLoadDll: pName=bcrypt.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8341468.668: supR3HardenedMonitor_LdrLoadDll: 'bcrypt.dll' -> 'C:\Windows\system32\bcrypt.dll' [rcNt=0xc0150008]
8351468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
8361468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfd0000 'C:\Windows\system32\bcrypt.dll'
8371468.668: supR3HardenedMonitor_LdrLoadDll: pName=USERENV.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8381468.668: supR3HardenedMonitor_LdrLoadDll: 'USERENV.dll' -> 'C:\Windows\system32\USERENV.dll' [rcNt=0xc0150008]
8391468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8401468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
8411468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
8421468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
8431468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
8441468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
8451468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
8461468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8471468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
8481468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
8491468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8501468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
8511468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8521468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
8541468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8551468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8561468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
8571468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8581468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
8591468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd970000 'C:\Windows\system32\USERENV.dll'
8601468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8611468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8621468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8631468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8641468.668: supR3HardenedMonitor_LdrLoadDll: pName=GPAPI.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8651468.668: supR3HardenedMonitor_LdrLoadDll: 'GPAPI.dll' -> 'C:\Windows\system32\GPAPI.dll' [rcNt=0xc0150008]
8661468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8671468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
8681468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
8691468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
8701468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8711468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
8721468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8731468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8741468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
8751468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8761468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
8771468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8f0000 'C:\Windows\system32\GPAPI.dll'
8781468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8791468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
8801468.668: supR3HardenedMonitor_LdrLoadDll: pName=rpcrt4.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8811468.668: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\Windows\system32\rpcrt4.dll' [rcNt=0xc0150008]
8821468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8831468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4e0000 'C:\Windows\system32\rpcrt4.dll'
8841468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8851468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
8861468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8871468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8881468.668: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
8891468.668: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
8901468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8911468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
8921468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
8931468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
8941468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
8951468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
8961468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
8971468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll'
8981468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8991468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
9001468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
9011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
9021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
9031468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
9041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
9061468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
9091468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9111468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
9121468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9131468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9141468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9151468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9161468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9171468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9181468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9191468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9201468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9211468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9221468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9231468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9241468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9251468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9261468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9271468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9281468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9291468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9301468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9311468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9321468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9331468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9341468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9351468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9361468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9371468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9381468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9391468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9401468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9411468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9421468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9431468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9441468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9451468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9461468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9471468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9481468.668: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9491468.668: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
9501468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
9511468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
9521468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9531468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
9541468.668: supR3HardenedMonitor_LdrLoadDll: pName=profapi.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9551468.668: supR3HardenedMonitor_LdrLoadDll: 'profapi.dll' -> 'C:\Windows\system32\profapi.dll' [rcNt=0xc0150008]
9561468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
9571468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd680000 'C:\Windows\system32\profapi.dll'
9581468.668: supR3HardenedMonitor_LdrLoadDll: pName=SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9591468.668: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\Windows\system32\SHLWAPI.dll' [rcNt=0xc0150008]
9601468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
9611468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
9621468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
9631468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
9641468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
9651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
9671468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9681468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9691468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
9701468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
9711468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9721468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
9731468.668: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9741468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
9751468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbb0000 'C:\Windows\system32\SHLWAPI.dll'
9761468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
9771468.668: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000046e7e0
9781468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
9791468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
9801468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9811468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
9821468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9831468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
9841468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9851468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
9861468.668: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9871468.668: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
9881468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9891468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
9901468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9911468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
9921468.668: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
9931468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
9941468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
9951468.668: g_pfnWinVerifyTrust=000007fefd901010
9961468.668: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
9971468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
9981468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
9991468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10001468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CF258E1DA85AD69891395F6F7501E1D54F2DFED8
10011468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB2868626~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
10021468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10031468.668: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
10041468.668: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
10051468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
10061468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10071468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10081468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
10091468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB2862966~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
10101468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10111468.668: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
10121468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
10131468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10141468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10151468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
10161468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
10171468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10181468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
10191468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d8 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
10201468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10211468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10221468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
10231468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
10241468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10251468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
10261468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d4 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
10271468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10281468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10291468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
10301468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB2862966~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
10311468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10321468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
10331468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000002b4 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
10341468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10351468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10361468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
10371468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
10381468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10391468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
10401468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000220 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
10411468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10421468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10431468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
10441468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
10451468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10461468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
10471468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000021c pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
10481468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10491468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10501468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
10511468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
10521468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10531468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
10541468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
10551468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001f0 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
10561468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10571468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10581468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
10591468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
10601468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10611468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
10621468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
10631468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10641468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10651468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
10661468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB2992611~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
10671468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10681468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
10691468.668: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll'
10701468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\NV\igd10umd64.dll'
10711468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001bc pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
10721468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10731468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10741468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
10751468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
10761468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10771468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
10781468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b8 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
10791468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10801468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10811468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
10821468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
10831468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10841468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
10851468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b4 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
10861468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10871468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10881468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=59C9A3379D97CB80EFB9D9152AF4E0240DDF8B29
10891468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3006226~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
10901468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10911468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
10921468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b0 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
10931468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
10941468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
10951468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
10961468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
10971468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10981468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
10991468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
11001468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11011468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11021468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
11031468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
11041468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11051468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
11061468.668: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll'
11071468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\NV\igdumd64.dll'
11081468.668: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume2\Windows\System32\nvinitx.dll'
11091468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\nvinitx.dll'
11101468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
11111468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11121468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11131468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
11141468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
11151468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11161468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
11171468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
11181468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11191468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11201468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
11211468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
11221468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11231468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
11241468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
11251468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11261468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11271468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
11281468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
11291468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11301468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
11311468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
11321468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11331468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11341468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
11351468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
11361468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11371468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
11381468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
11391468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11401468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11411468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
11421468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2993651~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
11431468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11441468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
11451468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
11461468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11471468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11481468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
11491468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
11501468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11511468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
11521468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000160 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
11531468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11541468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11551468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
11561468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
11571468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11581468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
11591468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000015c pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
11601468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11611468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11621468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
11631468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2922229~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
11641468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11651468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
11661468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
11671468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11681468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11691468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
11701468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
11711468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11721468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
11731468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000010c pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
11741468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11751468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11761468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
11771468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
11781468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11791468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
11801468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
11811468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11821468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11831468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
11841468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
11851468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11861468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
11871468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
11881468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000fc pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
11891468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11901468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11911468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
11921468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
11931468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11941468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
11951468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
11961468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
11971468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
11981468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
11991468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
12001468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12011468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
12021468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
12031468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
12041468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
12051468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
12061468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
12071468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12081468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
12091468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d0 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
12101468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
12111468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
12121468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
12131468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
12141468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12151468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
12161468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
12171468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000581710:C:\Windows\system32
12181468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
12191468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd770000 'C:\Windows\system32\crypt32.dll'
12201468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
12211468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
12221468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
12231468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
12241468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x65bb1131824f198b C=IT, CN=Default CA
12251468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x2a42db10d35535c3 C=GB, CN=Default CA
12261468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
12271468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
12281468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
12291468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
12301468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
12311468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
12321468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
12331468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12341468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
12351468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
12361468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
12371468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
12381468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
12391468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
12401468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
12411468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
12421468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
12431468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
12441468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
12451468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
12461468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
12471468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
12481468.668: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
12491468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
12501468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xfa32741af1b9f00 DC=local, DC=dominio, CN=CA01.dominio.com
12511468.668: supR3HardenedWinIsDesiredRootCA: Adding 0xfa32741af1b9f00 DC=local, DC=dominio, CN=CA01.dominio.com
12521468.668: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=32
12531468.668: SUPR3HardenedMain: Load Runtime...
12541468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
12551468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
12561468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
12571468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
12581468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
12591468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
12601468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12611468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
12631468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
12641468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
12651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
12661468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
12671468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
12681468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
12691468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
12701468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
12711468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12721468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12731468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
12741468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
12751468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
12761468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
12771468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12781468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
12791468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
12801468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
12811468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
12821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12831468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
12841468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
12851468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
12861468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12871468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
12881468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
12891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
12901468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
12911468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
12921468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
12931468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
12941468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
12951468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
12961468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12971468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
12981468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
12991468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13001468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
13011468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
13021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
13041468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
13051468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13061468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
13071468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
13081468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13091468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13101468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13111468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13121468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13131468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13141468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13151468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13161468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13171468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13181468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13191468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13201468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13211468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13221468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13231468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13241468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13251468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13261468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13271468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13281468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13291468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13301468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13311468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13321468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13331468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13341468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13351468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13361468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13371468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13381468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13391468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13401468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13411468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13421468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13431468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13441468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13451468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13461468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13471468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13481468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13491468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13501468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13511468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13521468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13531468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13541468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13551468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13561468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13571468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13581468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13591468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13601468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13611468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13621468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13631468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13641468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13651468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13661468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13671468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13681468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13691468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13701468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13711468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13721468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13731468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13741468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13751468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13761468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13771468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13781468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13791468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13801468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13811468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13821468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13831468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13841468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13851468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13861468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13871468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13881468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13891468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13901468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13911468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13921468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13931468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13941468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13951468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13961468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13971468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
13981468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
13991468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14001468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14011468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003f15c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\win32app\ingr\ipshare\bin;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
14021468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14031468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14041468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee92b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14051468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=000000000059b060:C:\Windows\system32
14061468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
14071468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd900000 'C:\Windows\system32\Wintrust.dll'
14081468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=000000000059b060:C:\Windows\system32
14091468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
14101468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd770000 'C:\Windows\system32\crypt32.dll'
14111468.668: SUPR3HardenedMain: Load TrustedMain...
14121468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
14131468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
14141468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
14151468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
14161468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
14171468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
14181468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
14191468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
14201468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
14211468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
14221468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
14231468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
14241468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
14251468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
14261468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
14271468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
14281468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
14291468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
14301468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
14311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
14321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
14331468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
14341468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
14351468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
14361468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
14371468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
14381468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14391468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
14401468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14411468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)WinVerifyTrust
14421468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
14431468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
14441468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
14451468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
14461468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
14471468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
14481468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
14491468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
14501468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14511468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14521468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
14531468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14541468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
14551468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
14561468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
14571468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)WinVerifyTrust
14581468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
14591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
14611468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
14621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14631468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
14641468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
14651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
14671468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
14681468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
14691468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
14701468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8D11B9B481EE916E64C94F8ECA71C2995A2999B7
14711468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2980245~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
14721468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14731468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14741468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
14751468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
14761468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
14771468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)WinVerifyTrust
14781468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
14791468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14801468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
14811468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
14821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14831468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
14841468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
14851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14861468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
14871468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
14881468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
14891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
14901468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
14911468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
14921468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
14931468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
14941468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
14951468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
14961468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
14971468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
14981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
14991468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll'
15001468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
15011468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
15021468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
15031468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
15041468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
15051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
15061468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
15071468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15081468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
15091468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
15101468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
15111468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
15121468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
15131468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
15141468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
15151468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
15161468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
15171468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
15181468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
15191468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
15201468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
15211468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
15221468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
15231468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
15241468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15251468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
15261468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
15271468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
15281468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15291468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15301468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
15311468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
15321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15331468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
15341468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
15351468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15361468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
15371468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
15381468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15391468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
15401468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15411468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15421468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
15431468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000524 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
15441468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
15451468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
15461468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
15471468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
15481468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15491468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15501468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
15511468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
15521468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
15531468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
15541468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
15551468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)WinVerifyTrust
15561468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
15571468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15581468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15591468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
15611468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
15621468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f4 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
15631468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
15641468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
15651468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
15661468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
15671468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15681468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15691468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15701468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
15711468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
15721468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
15731468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
15741468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)WinVerifyTrust
15751468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
15761468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
15771468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll'
15781468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
15791468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
15801468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
15811468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
15821468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
15831468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15841468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15851468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
15861468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15871468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)WinVerifyTrust
15881468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
15891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15901468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15911468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15921468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15931468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
15941468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
15951468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15961468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
15971468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
15981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15991468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
16001468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
16031468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
16041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
16051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
16061468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
16071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
16091468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
16101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16111468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
16121468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16131468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16141468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16151468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16171468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
16181468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
16211468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
16221468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
16231468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
16241468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
16251468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
16261468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
16271468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
16281468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16291468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
16301468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
16311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16331468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16341468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16351468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
16361468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16371468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
16381468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv'
16391468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000050c pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
16401468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
16411468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
16421468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
16431468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
16441468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16451468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16461468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
16471468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
16481468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)WinVerifyTrust
16491468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
16501468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
16511468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
16521468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
16531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
16541468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
16551468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
16561468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16571468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
16581468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
16591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
16601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
16611468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
16621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16631468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16641468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
16671468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16681468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
16691468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
16701468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
16711468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
16721468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
16731468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
16741468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16751468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
16761468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16771468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
16781468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
16791468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
16801468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
16811468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
16821468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
16831468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16841468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16851468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16861468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16871468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16881468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16901468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
16911468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
16921468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16931468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16941468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16951468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16961468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16971468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
16991468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
17001468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
17011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17031468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
17061468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
17071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
17081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
17091468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000514 pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
17101468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
17111468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
17121468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
17131468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
17141468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17151468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
17161468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
17171468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
17181468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)WinVerifyTrust
17191468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
17201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17211468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17221468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17231468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17241468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17251468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17261468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
17271468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
17281468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
17291468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17301468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17311468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17331468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17341468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17351468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17361468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17371468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17381468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17391468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17401468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17411468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17421468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17431468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17441468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17451468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
17461468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
17471468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17481468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17491468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17501468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17511468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17521468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17541468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17551468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17561468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17571468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17581468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
17601468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
17611468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
17621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17631468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17641468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
17661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
17671468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000534 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
17681468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
17691468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
17701468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
17711468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
17721468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17731468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17741468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
17751468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
17761468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)WinVerifyTrust
17771468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
17781468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
17791468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
17801468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
17811468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17831468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17841468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
17851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
17861468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000544 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
17871468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
17881468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
17891468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F097BF0B081F54722F0A01EF1CC13AECA64B12F0
17901468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
17911468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17921468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17931468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
17941468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
17951468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)WinVerifyTrust
17961468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
17971468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17991468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18001468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
18021468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18051468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18061468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18081468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18091468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
18111468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18121468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18131468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18141468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18151468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18171468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18181468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
18201468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18211468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
18221468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
18231468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
18241468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
18251468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
18261468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
18271468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
18281468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
18291468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
18301468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18311468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18321468.668: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll)
18331468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
18341468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
18351468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
18361468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
18371468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
18381468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000538 pwszName=\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
18391468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
18401468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
18411468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
18421468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
18431468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18441468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
18451468.668: supR3HardenedMonitor_LdrLoadDll: pName=imm32.dll *pfFlags=0x0 pwszSearchPath=00000000007d4af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18461468.668: supR3HardenedMonitor_LdrLoadDll: 'imm32.dll' -> 'C:\Windows\system32\imm32.dll' [rcNt=0xc0150008]
18471468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
18481468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18491468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18501468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18511468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18521468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18531468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18541468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18551468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
18561468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
18571468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff6b0000 'C:\Windows\system32\imm32.dll'
18581468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8a30000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
18591468.668: SUPR3HardenedMain: Calling TrustedMain (000007fee8a31ca0)...
18601468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18611468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
18621468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
18631468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000066ead0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18641468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005a4 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18651468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
18661468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
18671468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
18681468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
18691468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18701468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18711468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
18721468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
18731468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)WinVerifyTrust
18741468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18751468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18761468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18771468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18781468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18791468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18801468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18811468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18821468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
18831468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18841468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18851468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
18861468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000066ead0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18871468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18881468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
18891468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000066ee40:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18901468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18911468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
18921468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000066ee40:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18931468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18941468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
18951468.668: supR3HardenedMonitor_LdrLoadDll: pName=dwmapi.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18961468.668: supR3HardenedMonitor_LdrLoadDll: 'dwmapi.dll' -> 'C:\Windows\system32\dwmapi.dll' [rcNt=0xc0150008]
18971468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
18981468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb8a0000 'C:\Windows\system32\dwmapi.dll'
18991468.668: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19001468.668: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
19011468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
19021468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4e0000 'C:\Windows\system32\CRYPTBASE.dll'
19031468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19041468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
19051468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
19061468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19071468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
19081468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077620000 'C:\Windows\system32\kernel32.dll'
19091468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19101468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
19111468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
19121468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19131468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
19141468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
19151468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19161468.668: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
19171468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
19181468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19191468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
19201468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
19211468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19221468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
19231468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32\uxtheme.dll'
19241468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19251468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
19261468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
19271468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19281468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19291468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\advapi32.dll'
19301468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19311468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
19321468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd970000 'C:\Windows\system32\userenv.dll'
19331468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19341468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
19351468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077620000 'C:\Windows\system32\kernel32.dll'
19361468.668: supR3HardenedMonitor_LdrLoadDll: pName=CLBCatQ.DLL *pfFlags=0x0 pwszSearchPath=000000000044eb50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19371468.668: supR3HardenedMonitor_LdrLoadDll: 'CLBCatQ.DLL' -> 'C:\Windows\system32\CLBCatQ.DLL' [rcNt=0xc0150008]
19381468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005f8 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19391468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
19401468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
19411468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
19421468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
19431468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19441468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19451468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
19461468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19471468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
19481468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
19491468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
19501468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)WinVerifyTrust
19511468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19521468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19531468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
19541468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
19551468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19561468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
19571468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19581468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
19601468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19611468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
19631468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
19641468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
19661468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
19671468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19681468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
19691468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
19701468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19711468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff610000 'C:\Windows\system32\CLBCatQ.DLL'
19721468.668: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000007d33e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19731468.668: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
19741468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19751468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
19761468.668: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000007d33e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19771468.668: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
19781468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
19791468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce80000 'C:\Windows\system32\CRYPTSP.dll'
19801468.668: supR3HardenedMonitor_LdrLoadDll: pName=RpcRtRemote.dll *pfFlags=0x0 pwszSearchPath=00000000007d33e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19811468.668: supR3HardenedMonitor_LdrLoadDll: 'RpcRtRemote.dll' -> 'C:\Windows\system32\RpcRtRemote.dll' [rcNt=0xc0150008]
19821468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000618 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19831468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
19841468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
19851468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
19861468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
19871468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19881468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
19891468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
19901468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19911468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19921468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
19931468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
19941468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19951468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd590000 'C:\Windows\system32\RpcRtRemote.dll'
19961468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll *pfFlags=0x0 pwszSearchPath=000000000066ee40:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19971468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19981468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\oleaut32.dll'
19991468.668: supR3HardenedMonitor_LdrLoadDll: pName=SXS.DLL *pfFlags=0x0 pwszSearchPath=00000000007d49d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20001468.668: supR3HardenedMonitor_LdrLoadDll: 'SXS.DLL' -> 'C:\Windows\system32\SXS.DLL' [rcNt=0xc0150008]
20011468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000060c pwszName=\Device\HarddiskVolume2\Windows\System32\sxs.dll
20021468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
20031468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
20041468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
20051468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\sxs.dll'
20061468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20071468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sxs.dll)WinVerifyTrust
20081468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sxs.dll
20091468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
20101468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4f0000 'C:\Windows\system32\SXS.DLL'
20111468.668: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000007d49d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20121468.668: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
20131468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
20141468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
20151468.668: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32 *pfFlags=0x0 pwszSearchPath=00000000007d4d30:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20161468.668: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
20171468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20181468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\OLEAUT32.dll'
20191468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=00000000005713c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20201468.668: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
20211468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
20221468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll *pfFlags=0x0 pwszSearchPath=00000000005713c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20231468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
20241468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda40000 'C:\Windows\system32\gdi32.dll'
20251468.129c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll *pfFlags=0x0 pwszSearchPath=00000000007c0690:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20261468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20271468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
20281468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20291468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
20301468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
20311468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
20321468.129c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
20331468.129c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
20341468.129c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
20351468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20361468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
20371468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20381468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20391468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
20401468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20411468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20421468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
20431468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
20441468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20451468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
20461468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
20471468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20481468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
20491468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20501468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
20511468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
20521468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
20531468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20541468.129c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
20551468.129c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20561468.129c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
20571468.129c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
20581468.790: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL *pfFlags=0x0 pwszSearchPath=0000000003589220:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20591468.790: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20601468.790: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
20611468.790: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll)WinVerifyTrust
20621468.790: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
20631468.790: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20641468.790: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
20651468.790: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20661468.790: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20671468.790: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
20681468.790: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20691468.790: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
20701468.790: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1830000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
20711468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589220:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20721468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
20731468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
20741468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000570c70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20751468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
20761468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
20771468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll *pfFlags=0x0 pwszSearchPath=0000000000570c70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20781468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20791468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
20801468.668: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=00000000035893d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20811468.668: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
20821468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20831468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
20841468.668: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000035893d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20851468.668: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
20861468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20871468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\OLEAUT32.dll'
20881468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll *pfFlags=0x0 pwszSearchPath=0000000000576ac0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20891468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
20901468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
20911468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
20921468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
20931468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
20941468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20951468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20961468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
20971468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
20981468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
20991468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
21001468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
21011468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
21021468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
21031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
21051468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
21061468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
21081468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
21091468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
21111468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
21121468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21131468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
21141468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
21151468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
21161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
21171468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009b8 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21181468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
21191468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
21201468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
21211468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
21221468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21231468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21241468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
21251468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
21261468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
21271468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
21281468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll)WinVerifyTrust
21291468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21301468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21321468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21331468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21341468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
21351468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
21361468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21371468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
21381468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
21391468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21401468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
21411468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
21421468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21431468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
21441468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
21451468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21461468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21471468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21481468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
21491468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21501468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f30000 'C:\Windows\system32\wbem\wbemprox.dll'
21511468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll *pfFlags=0x0 pwszSearchPath=0000000000576ac0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
21521468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009f4 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21531468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
21541468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
21551468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
21561468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
21571468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21581468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21591468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
21601468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
21611468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21631468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
21641468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
21651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21661468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21671468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21681468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21691468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6360000 'C:\Windows\system32\wbem\wbemsvc.dll'
21701468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll *pfFlags=0x0 pwszSearchPath=0000000000576ac0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
21711468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a00 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
21721468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
21731468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
21741468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
21751468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
21761468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21771468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21781468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
21791468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
21801468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
21811468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
21821468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
21831468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
21841468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
21851468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
21861468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
21871468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009e8 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
21881468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
21891468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
21901468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
21911468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
21921468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21931468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21941468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
21951468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
21961468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll)WinVerifyTrust
21971468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
21981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21991468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
22001468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
22011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
22021468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
22031468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
22041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22051468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
22061468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
22071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
22081468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
22091468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
22101468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22111468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
22121468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22131468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
22141468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
22151468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
22161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22171468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
22181468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
22191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
22211468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22221468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
22231468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
22241468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53d0000 'C:\Windows\system32\wbem\fastprox.dll'
22251468.668: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=0000000003589bb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22261468.668: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
22271468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
22281468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\OLEAUT32.dll'
22291468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22301468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comctl32.dll
22311468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9810000 'C:\Windows\system32\comctl32.dll'
22321468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22331468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
22341468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\WINMM.dll'
22351468.1794: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22361468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22371468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
22381468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22391468.1794: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
22401468.1794: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22411468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22421468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22431468.1794: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22441468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
22451468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll'
22461468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
22471468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
22481468.1794: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
22491468.1794: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
22501468.1794: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
22511468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22521468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22531468.1794: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22541468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22551468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
22561468.1794: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22571468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
22581468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
22591468.1794: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22601468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22611468.1794: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22621468.1794: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22631468.1794: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22641468.1794: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
22651468.1794: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee78a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
22661468.b5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22671468.b5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22681468.b5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
22691468.b5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22701468.b5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
22711468.b5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
22721468.b5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
22731468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22741468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
22751468.b5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
22761468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22771468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22781468.b5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22791468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
22801468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
22811468.b5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22821468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22831468.b5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22841468.b5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22851468.b5c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
22861468.b5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef26c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
22871468.8e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22881468.8e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22891468.8e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22901468.8e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
22911468.8e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
22921468.8e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22931468.8e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22941468.8e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22951468.8e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22961468.8e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22971468.8e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22981468.8e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
22991468.8e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecfb0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
23001468.888: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000003589b20:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23011468.888: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23021468.888: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23031468.888: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23041468.888: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
23051468.888: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
23061468.888: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23071468.888: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23081468.888: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23091468.888: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
23101468.888: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
23111468.888: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
23121468.888: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23131468.888: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23141468.888: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23151468.888: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
23161468.888: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecb60000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
23171468.169c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23181468.169c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23191468.169c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23201468.169c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23211468.169c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
23221468.169c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
23231468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23241468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23251468.169c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23261468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
23271468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
23281468.169c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
23291468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23301468.169c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23311468.169c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23321468.169c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
23331468.169c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecb50000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
23341468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23351468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
23361468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee78a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
23371468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23381468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23391468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
23401468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
23411468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
23421468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23431468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll)WinVerifyTrust
23441468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
23451468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23461468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
23471468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
23481468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23491468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
23501468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
23511468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23521468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
23531468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
23541468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23551468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23561468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23571468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23581468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23591468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23601468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
23611468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecb10000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
23621468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23631468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23641468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
23651468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23661468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
23671468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
23681468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
23691468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
23701468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
23711468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
23721468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
23731468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
23741468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
23751468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
23761468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll'
23771468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c1c pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23781468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
23791468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
23801468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
23811468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
23821468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23831468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23841468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
23851468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
23861468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
23871468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
23881468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23891468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23901468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
23911468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
23921468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23931468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
23941468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
23951468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
23961468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
23971468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
23981468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23991468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
24001468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
24011468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
24021468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll'
24031468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24041468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24051468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24061468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
24071468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
24081468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
24091468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll'
24101468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24111468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24121468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
24131468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
24141468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
24151468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
24161468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
24171468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
24181468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24191468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
24201468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
24211468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24221468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
24231468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24241468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24251468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
24261468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
24271468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24281468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
24291468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
24301468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
24311468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume2\Windows\System32\newdev.dll'
24321468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c3c pwszName=\Device\HarddiskVolume2\Windows\System32\newdev.dll
24331468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
24341468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
24351468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
24361468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\newdev.dll'
24371468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24381468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24391468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
24401468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
24411468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
24421468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
24431468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
24441468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
24451468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\newdev.dll)WinVerifyTrust
24461468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\newdev.dll
24471468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
24481468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
24491468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
24501468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24511468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
24521468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
24531468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24541468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
24551468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
24561468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24571468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
24581468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
24591468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24601468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
24611468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
24621468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24631468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
24641468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24651468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24661468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
24671468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
24681468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24691468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
24701468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24711468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
24721468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
24731468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c28 pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
24741468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
24751468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
24761468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
24771468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
24781468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24791468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24801468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
24811468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
24821468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll)WinVerifyTrust
24831468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
24841468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
24851468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
24861468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
24871468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24881468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24891468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24901468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
24911468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
24921468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
24931468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24941468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
24951468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24961468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24971468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24981468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24991468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
25001468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
25011468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
25021468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
25031468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
25041468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
25051468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
25061468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
25071468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
25081468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25091468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
25101468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
25111468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25121468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
25131468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
25141468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25151468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
25161468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
25171468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25181468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
25191468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
25201468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
25211468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
25221468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
25231468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25241468.1460: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
25251468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
25261468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
25271468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
25281468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
25291468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee5590000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
25301468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c48 pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
25311468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
25321468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
25331468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
25341468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
25351468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25361468.1460: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
25371468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25381468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
25391468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25401468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
25411468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
25421468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
25431468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeadf0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
25441468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25451468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
25461468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
25471468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
25481468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25491468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
25501468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
25511468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecb10000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
25521468.668: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25531468.668: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
25541468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
25551468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
25561468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25571468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25581468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25591468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll)WinVerifyTrust
25601468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
25611468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25621468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
25631468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
25641468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25651468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
25661468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
25671468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
25681468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecaf0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
25691468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25701468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25711468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25721468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll)WinVerifyTrust
25731468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
25741468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25751468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
25761468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
25771468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25781468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
25791468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
25801468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
25811468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb790000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
25821468.14e8: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=000000000358a030:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25831468.14e8: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
25841468.14e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
25851468.14e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\OLEAUT32.dll'
25861468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL *pfFlags=0x0 pwszSearchPath=0000000000570d00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25871468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25881468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25891468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll)WinVerifyTrust
25901468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
25911468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25921468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
25931468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
25941468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25951468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
25961468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
25971468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
25981468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeadd0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
25991468.1528: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL *pfFlags=0x0 pwszSearchPath=0000000000570d00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26001468.1528: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26011468.1528: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26021468.1528: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26031468.1528: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
26041468.1528: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
26051468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26061468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
26071468.1528: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
26081468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
26091468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
26101468.1528: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26111468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26121468.1528: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
26131468.1528: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
26141468.1528: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
26151468.1528: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec930000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
26161468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL *pfFlags=0x0 pwszSearchPath=0000000000570d00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26171468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26181468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26191468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll)WinVerifyTrust
26201468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
26211468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26221468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
26231468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
26241468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26251468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
26261468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
26271468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
26281468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feefbd0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
26291468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll *pfFlags=0x0 pwszSearchPath=0000000000670180:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26301468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ce8 pwszName=\Device\HarddiskVolume2\Windows\System32\dsound.dll
26311468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
26321468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
26331468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
26341468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dsound.dll'
26351468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26361468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26371468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
26381468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
26391468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
26401468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
26411468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
26421468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dsound.dll)WinVerifyTrust
26431468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dsound.dll
26441468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
26451468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'
26461468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cec pwszName=\Device\HarddiskVolume2\Windows\System32\powrprof.dll
26471468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
26481468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
26491468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
26501468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\powrprof.dll'
26511468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26521468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26531468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
26541468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
26551468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll)WinVerifyTrust
26561468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll
26571468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
26581468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
26591468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
26601468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26611468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
26621468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
26631468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26641468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
26651468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
26661468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26671468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
26681468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
26691468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26701468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
26711468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
26721468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
26731468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
26741468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
26751468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26761468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
26771468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
26781468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26791468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
26801468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
26811468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
26821468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\powrprof.dll
26831468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll *pfFlags=0x0 pwszSearchPath=0000000000570d00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26841468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
26851468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4880000 'C:\Windows\System32\dsound.dll'
26861468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4880000 'C:\Windows\System32\dsound.dll'
26871468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll *pfFlags=0x0 pwszSearchPath=0000000000670180:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26881468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cf0 pwszName=\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
26891468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
26901468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
26911468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
26921468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll'
26931468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26941468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26951468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
26961468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
26971468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
26981468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll)WinVerifyTrust
26991468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
27001468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
27011468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll'
27021468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d14 pwszName=\Device\HarddiskVolume2\Windows\System32\propsys.dll
27031468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
27041468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
27051468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
27061468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\propsys.dll'
27071468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27081468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27091468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
27101468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
27111468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
27121468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
27131468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\propsys.dll)WinVerifyTrust
27141468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll
27151468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27161468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
27171468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
27181468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27191468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
27201468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
27211468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27221468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
27231468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
27241468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27251468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
27261468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
27271468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27281468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
27291468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
27301468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27311468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
27321468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
27331468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27341468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
27351468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
27361468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27371468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
27381468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
27391468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
27401468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll
27411468.1460: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000570d00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27421468.1460: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
27431468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
27441468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1e0000 'C:\Windows\system32\ADVAPI32.dll'
27451468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9f0000 'C:\Windows\System32\MMDevApi.dll'
27461468.1460: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=0000000003589610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27471468.1460: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
27481468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
27491468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
27501468.1460: supR3HardenedMonitor_LdrLoadDll: pName=SETUPAPI.dll *pfFlags=0x0 pwszSearchPath=0000000003589610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27511468.1460: supR3HardenedMonitor_LdrLoadDll: 'SETUPAPI.dll' -> 'C:\Windows\system32\SETUPAPI.dll' [rcNt=0xc0150008]
27521468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
27531468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff970000 'C:\Windows\system32\SETUPAPI.dll'
27541468.1460: supR3HardenedMonitor_LdrLoadDll: pName=SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=0000000003589610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27551468.1460: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\Windows\system32\SHLWAPI.dll' [rcNt=0xc0150008]
27561468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
27571468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbb0000 'C:\Windows\system32\SHLWAPI.dll'
27581468.1460: supR3HardenedMonitor_LdrLoadDll: pName=MMDEVAPI.DLL *pfFlags=0x0 pwszSearchPath=0000000003589610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27591468.1460: supR3HardenedMonitor_LdrLoadDll: 'MMDEVAPI.DLL' -> 'C:\Windows\system32\MMDEVAPI.DLL' [rcNt=0xc0150008]
27601468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
27611468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9f0000 'C:\Windows\system32\MMDEVAPI.DLL'
27621468.1460: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27631468.1460: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
27641468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
27651468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
27661468.d74: supR3HardenedMonitor_LdrLoadDll: pName=CFGMGR32.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27671468.d74: supR3HardenedMonitor_LdrLoadDll: 'CFGMGR32.dll' -> 'C:\Windows\system32\CFGMGR32.dll' [rcNt=0xc0150008]
27681468.d74: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
27691468.d74: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6a0000 'C:\Windows\system32\CFGMGR32.dll'
27701468.17d0: supR3HardenedMonitor_LdrLoadDll: pName=AUDIOSES.DLL *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
27711468.17d0: supR3HardenedMonitor_LdrLoadDll: 'AUDIOSES.DLL' -> 'C:\Windows\system32\AUDIOSES.DLL' [rcNt=0xc0150008]
27721468.17d0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d68 pwszName=\Device\HarddiskVolume2\Windows\System32\AudioSes.dll
27731468.17d0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
27741468.17d0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
27751468.17d0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7B264B3670B74C7A34AEDBA5E942385CDC0D1C9
27761468.17d0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB3005607~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\AudioSes.dll'
27771468.17d0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27781468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27791468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
27801468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
27811468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
27821468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
27831468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
27841468.17d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
27851468.17d0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll)WinVerifyTrust
27861468.17d0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
27871468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
27881468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll'
27891468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
27901468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27911468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
27921468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
27931468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27941468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
27951468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
27961468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27971468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
27981468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
27991468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
28001468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
28011468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
28021468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28031468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
28041468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
28051468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28061468.17d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28071468.17d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28081468.17d0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
28091468.17d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6c20000 'C:\Windows\system32\AUDIOSES.DLL'
28101468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28111468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
28121468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
28131468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
28141468.1460: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28151468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
28161468.1460: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28171468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdab0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
28181468.1460: supR3HardenedMonitor_LdrLoadDll: pName=RPCRT4.dll *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28191468.1460: supR3HardenedMonitor_LdrLoadDll: 'RPCRT4.dll' -> 'C:\Windows\system32\RPCRT4.dll' [rcNt=0xc0150008]
28201468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
28211468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4e0000 'C:\Windows\system32\RPCRT4.dll'
28221468.1460: supR3HardenedMonitor_LdrLoadDll: pName=MMDevAPI.DLL *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28231468.1460: supR3HardenedMonitor_LdrLoadDll: 'MMDevAPI.DLL' -> 'C:\Windows\system32\MMDevAPI.DLL' [rcNt=0xc0150008]
28241468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
28251468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9f0000 'C:\Windows\system32\MMDevAPI.DLL'
28261468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28271468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
28281468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db8 pwszName=\Device\HarddiskVolume2\Windows\System32\wdmaud.drv
28291468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
28301468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
28311468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
28321468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wdmaud.drv'
28331468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28341468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28351468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
28361468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
28371468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
28381468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
28391468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
28401468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
28411468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
28421468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv)WinVerifyTrust
28431468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
28441468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
28451468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll'
28461468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dbc pwszName=\Device\HarddiskVolume2\Windows\System32\avrt.dll
28471468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
28481468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
28491468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
28501468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\avrt.dll'
28511468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28521468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll)WinVerifyTrust
28531468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
28541468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
28551468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll'
28561468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
28571468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
28581468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll'
28591468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dd0 pwszName=\Device\HarddiskVolume2\Windows\System32\ksuser.dll
28601468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
28611468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
28621468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EC3873F9ACBE279185D3540F02128F42D21D0856
28631468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ksuser.dll'
28641468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28651468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28661468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll)WinVerifyTrust
28671468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
28681468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
28691468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
28701468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
28711468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28721468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
28731468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
28741468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
28751468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
28761468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
28771468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28781468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
28791468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
28801468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28811468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28821468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28831468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28841468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28851468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28861468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
28871468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
28881468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
28891468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
28901468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28911468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
28921468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
28931468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
28941468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=000000000358a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28951468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
28961468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
28971468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
28981468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=0000000003589a90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28991468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
29001468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
29011468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
29021468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=0000000003589a90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29031468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
29041468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
29051468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
29061468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=0000000003589a90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29071468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
29081468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
29091468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
29101468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29111468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
29121468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
29131468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
29141468.1460: supR3HardenedMonitor_LdrLoadDll: pName=wdmaud.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29151468.1460: supR3HardenedMonitor_LdrLoadDll: 'wdmaud.drv' -> 'C:\Windows\system32\wdmaud.drv' [rcNt=0xc0150008]
29161468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
29171468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4790000 'C:\Windows\system32\wdmaud.drv'
29181468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29191468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29201468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dd4 pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.drv
29211468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
29221468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
29231468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
29241468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.drv'
29251468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29261468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29271468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
29281468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
29291468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
29301468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
29311468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv)WinVerifyTrust
29321468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29331468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
29341468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll'
29351468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
29361468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
29371468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll'
29381468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dec pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.dll
29391468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
29401468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
29411468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
29421468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.dll'
29431468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29441468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29451468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
29461468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
29471468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
29481468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
29491468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll)WinVerifyTrust
29501468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
29511468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
29521468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
29531468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
29541468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29551468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
29561468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
29571468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29581468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
29591468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
29601468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
29611468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
29621468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
29631468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
29641468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
29651468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
29661468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29671468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
29681468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
29691468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29701468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
29711468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
29721468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29731468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
29741468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
29751468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29761468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
29771468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29781468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29791468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29801468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29811468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29821468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29831468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29841468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29851468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29861468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29871468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29881468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29891468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29901468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29911468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29921468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29931468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29941468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29951468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
29961468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
29971468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
29981468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29991468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
30001468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
30011468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
30021468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30031468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
30041468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
30051468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
30061468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30071468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
30081468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
30091468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
30101468.1460: supR3HardenedMonitor_LdrLoadDll: pName=msacm32.drv *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30111468.1460: supR3HardenedMonitor_LdrLoadDll: 'msacm32.drv' -> 'C:\Windows\system32\msacm32.drv' [rcNt=0xc0150008]
30121468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
30131468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6960000 'C:\Windows\system32\msacm32.drv'
30141468.1460: supR3HardenedMonitor_LdrLoadDll: pName=midimap.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30151468.1460: supR3HardenedMonitor_LdrLoadDll: 'midimap.dll' -> 'C:\Windows\system32\midimap.dll' [rcNt=0xc0150008]
30161468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dc8 pwszName=\Device\HarddiskVolume2\Windows\System32\midimap.dll
30171468.1460: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
30181468.1460: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
30191468.1460: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
30201468.1460: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\midimap.dll'
30211468.1460: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30221468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30231468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
30241468.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
30251468.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\midimap.dll)WinVerifyTrust
30261468.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
30271468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
30281468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
30291468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30301468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30311468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
30321468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
30331468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30341468.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
30351468.1460: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
30361468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
30371468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6870000 'C:\Windows\system32\midimap.dll'
30381468.1460: supR3HardenedMonitor_LdrLoadDll: pName=midimap.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30391468.1460: supR3HardenedMonitor_LdrLoadDll: 'midimap.dll' -> 'C:\Windows\system32\midimap.dll' [rcNt=0xc0150008]
30401468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
30411468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6870000 'C:\Windows\system32\midimap.dll'
30421468.1460: supR3HardenedMonitor_LdrLoadDll: pName=midimap.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30431468.1460: supR3HardenedMonitor_LdrLoadDll: 'midimap.dll' -> 'C:\Windows\system32\midimap.dll' [rcNt=0xc0150008]
30441468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
30451468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6870000 'C:\Windows\system32\midimap.dll'
30461468.1460: supR3HardenedMonitor_LdrLoadDll: pName=midimap.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30471468.1460: supR3HardenedMonitor_LdrLoadDll: 'midimap.dll' -> 'C:\Windows\system32\midimap.dll' [rcNt=0xc0150008]
30481468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
30491468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6870000 'C:\Windows\system32\midimap.dll'
30501468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30511468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30521468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30531468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30541468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30551468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30561468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30571468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30581468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30591468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30601468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30611468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30621468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30631468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30641468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30651468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30661468.1460: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30671468.1460: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
30681468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
30691468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
30701468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30711468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30721468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30731468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30741468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30751468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30761468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30771468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30781468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30791468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30801468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30811468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30821468.1460: supR3HardenedMonitor_LdrLoadDll: pName=winmm.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30831468.1460: supR3HardenedMonitor_LdrLoadDll: 'winmm.dll' -> 'C:\Windows\system32\winmm.dll' [rcNt=0xc0150008]
30841468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
30851468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Windows\system32\winmm.dll'
30861468.1830: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll *pfFlags=0x0 pwszSearchPath=000000000066fb50:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30871468.1830: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
30881468.1830: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6c20000 'C:\Windows\System32\audioses.dll'
30891468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30901468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30911468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee78a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
30921468.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30931468.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30941468.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30951468.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077620000 'C:\Windows\system32/kernel32.dll'
30961468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll *pfFlags=0x0 pwszSearchPath=000000000048d090:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30971468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
30981468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdfd0000 'C:\Windows\system32\MSCTF.dll'
30991468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll *pfFlags=0x0 pwszSearchPath=000000000358a390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31001468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
31011468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2c0000 'C:\Windows\system32\ole32.dll'
31021468.668: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.DLL *pfFlags=0x0 pwszSearchPath=000000000358a390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31031468.668: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.DLL' -> 'C:\Windows\system32\OLEAUT32.DLL' [rcNt=0xc0150008]
31041468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
31051468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\OLEAUT32.DLL'
31061468.668: supR3HardenedMonitor_LdrLoadDll: pName=mscms.dll *pfFlags=0x0 pwszSearchPath=0000000003589340:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31071468.668: supR3HardenedMonitor_LdrLoadDll: 'mscms.dll' -> 'C:\Windows\system32\mscms.dll' [rcNt=0xc0150008]
31081468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000658 pwszName=\Device\HarddiskVolume2\Windows\System32\mscms.dll
31091468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
31101468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
31111468.668: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000003589100:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31121468.668: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
31131468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
31141468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd900000 'C:\Windows\system32\WINTRUST.DLL'
31151468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=0000000003589100:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31161468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
31171468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd770000 'C:\Windows\system32\CRYPT32.dll'
31181468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=77B48D4C63C7308FE42B2B7DF054999F6CE86C20
31191468.668: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=000000000358a1e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31201468.668: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
31211468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
31221468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
31231468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\mscms.dll'
31241468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31251468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31261468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
31271468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
31281468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
31291468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mscms.dll)WinVerifyTrust
31301468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mscms.dll
31311468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
31321468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
31331468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
31341468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31351468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
31361468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
31371468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
31381468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
31391468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
31401468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31411468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
31421468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
31431468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mscms.dll
31441468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9cb0000 'C:\Windows\system32\mscms.dll'
31451468.668: supR3HardenedMonitor_LdrLoadDll: pName=icm32.dll *pfFlags=0x0 pwszSearchPath=0000000003589340:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31461468.668: supR3HardenedMonitor_LdrLoadDll: 'icm32.dll' -> 'C:\Windows\system32\icm32.dll' [rcNt=0xc0150008]
31471468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f18 pwszName=\Device\HarddiskVolume2\Windows\System32\icm32.dll
31481468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
31491468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
31501468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A467A1C0C873D06FC9374DE3DAC05A8C3CE89002
31511468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\icm32.dll'
31521468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31531468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31541468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
31551468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
31561468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\icm32.dll)WinVerifyTrust
31571468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\icm32.dll
31581468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
31591468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
31601468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
31611468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
31621468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume2\Windows\System32\mscms.dll'
31631468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mscms.dll
31641468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31651468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
31661468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
31671468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\icm32.dll
31681468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecba0000 'C:\Windows\system32\icm32.dll'
31691468.878: supR3HardenedMonitor_LdrLoadDll: pName=avrt.dll *pfFlags=0x0 pwszSearchPath=0000000003589850:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31701468.878: supR3HardenedMonitor_LdrLoadDll: 'avrt.dll' -> 'C:\Windows\system32\avrt.dll' [rcNt=0xc0150008]
31711468.878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
31721468.878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe60000 'C:\Windows\system32\avrt.dll'
31731468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589220:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31741468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
31751468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
31761468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
31771468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31781468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
31791468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
31801468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
31811468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
31821468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
31831468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
31841468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
31851468.668: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
31861468.668: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
31871468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
31881468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
31891468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
31901468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
31911468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
31921468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
31931468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
31941468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
31951468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
31961468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
31971468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
31981468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
31991468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
32001468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32011468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
32021468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
32031468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32041468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
32051468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
32061468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
32071468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
32081468.668: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'.
32091468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32101468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32111468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
32121468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
32131468.668: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
32141468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)
32151468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
32161468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32171468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
32181468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
32191468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
32201468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
32211468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
32221468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32231468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
32241468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
32251468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32261468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
32271468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
32281468.668: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32291468.668: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
32301468.668: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
32311468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd900000 'C:\Windows\system32\WINTRUST.DLL'
32321468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32331468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
32341468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd770000 'C:\Windows\system32\CRYPT32.dll'
32351468.668: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32361468.668: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
32371468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
32381468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8de0000 'C:\Windows\system32\cryptnet.dll'
32391468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
32401468.668: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'
32411468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
32421468.668: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fc0 pwszName=\Device\HarddiskVolume2\Windows\System32\apphelp.dll
32431468.668: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000046e7e0
32441468.668: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000046e7e0
32451468.668: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
32461468.668: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\apphelp.dll'
32471468.668: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32481468.668: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)WinVerifyTrust
32491468.668: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
32501468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll
32511468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd480000 'C:\Windows\system32\apphelp.dll'
32521468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589850:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32531468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32541468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32551468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32561468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32571468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32581468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32591468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32601468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32611468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32621468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32631468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32641468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32651468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32661468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32671468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32681468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32691468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32701468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32711468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32721468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32731468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32741468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32751468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32761468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32771468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32781468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32791468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32801468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32811468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32821468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32831468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32841468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32851468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32861468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
32871468.668: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
32881468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe00000 'C:\Windows\system32/uxtheme.dll'
32891468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32901468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32911468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32921468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32931468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32941468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32951468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32961468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
32971468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
32981468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
32991468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33001468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33011468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33021468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33031468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33041468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33051468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33061468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33071468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33081468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33091468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33101468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33111468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33121468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33131468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33141468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
33151468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdfd0000 'C:\Windows\system32\msctf.dll'
33161468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33171468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
33181468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdfd0000 'C:\Windows\system32\msctf.dll'
33191468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33201468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33211468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33221468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33231468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33241468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33251468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33261468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33271468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33281468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33291468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33301468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33311468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33321468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33331468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33341468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000358a5d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33351468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
33361468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0e0000 'C:\Windows\system32\shell32.dll'
33371468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33381468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33391468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33401468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33411468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33421468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33431468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33441468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33451468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33461468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33471468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33481468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33491468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33501468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33511468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33521468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33531468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33541468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33551468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33561468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33571468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33581468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33591468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33601468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33611468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33621468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33631468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33641468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33651468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33661468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33671468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33681468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33691468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'
33701468.668: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000003589190:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
33711468.668: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
33721468.668: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077740000 'C:\Windows\system32\user32.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy