1358.135c: Log file opened: 4.3.20r96996 g_hStartupLog=00000000000000ac g_uNtVerCombined=0x611db110 1358.135c: \SystemRoot\System32\ntdll.dll: 1358.135c: CreationTime: 2012-06-05T09:08:33.845363600Z 1358.135c: LastWriteTime: 2011-11-17T06:41:18.858669900Z 1358.135c: ChangeTime: 2012-06-27T07:23:11.852173900Z 1358.135c: FileAttributes: 0x20 1358.135c: Size: 0x1a6d50 1358.135c: NT Headers: 0xe0 1358.135c: Timestamp: 0x4ec4aa8e 1358.135c: Machine: 0x8664 - amd64 1358.135c: Timestamp: 0x4ec4aa8e 1358.135c: Image Version: 6.1 1358.135c: SizeOfImage: 0x1a9000 (1740800) 1358.135c: Resource Dir: 0x151000 LB 0x560d8 1358.135c: ProductName: Microsoft® Windows® Operating System 1358.135c: ProductVersion: 6.1.7601.17725 1358.135c: FileVersion: 6.1.7601.17725 (win7sp1_gdr.111116-1503) 1358.135c: FileDescription: NT Layer DLL 1358.135c: \SystemRoot\System32\kernel32.dll: 1358.135c: CreationTime: 2012-06-05T09:10:20.487150900Z 1358.135c: LastWriteTime: 2011-07-16T05:37:12.377000000Z 1358.135c: ChangeTime: 2012-06-27T07:23:11.259372900Z 1358.135c: FileAttributes: 0x20 1358.135c: Size: 0x11be00 1358.135c: NT Headers: 0xe8 1358.135c: Timestamp: 0x4e21213b 1358.135c: Machine: 0x8664 - amd64 1358.135c: Timestamp: 0x4e21213b 1358.135c: Image Version: 6.1 1358.135c: SizeOfImage: 0x11f000 (1175552) 1358.135c: Resource Dir: 0x116000 LB 0x528 1358.135c: ProductName: Microsoft® Windows® Operating System 1358.135c: ProductVersion: 6.1.7601.17651 1358.135c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504) 1358.135c: FileDescription: Windows NT BASE API Client DLL 1358.135c: \SystemRoot\System32\KernelBase.dll: 1358.135c: CreationTime: 2012-06-05T09:10:20.533951000Z 1358.135c: LastWriteTime: 2011-07-16T05:37:12.596000000Z 1358.135c: ChangeTime: 2012-06-27T07:23:11.274972900Z 1358.135c: FileAttributes: 0x20 1358.135c: Size: 0x67000 1358.135c: NT Headers: 0xe8 1358.135c: Timestamp: 0x4e21213c 1358.135c: Machine: 0x8664 - amd64 1358.135c: Timestamp: 0x4e21213c 1358.135c: Image Version: 6.1 1358.135c: SizeOfImage: 0x6c000 (442368) 1358.135c: Resource Dir: 0x6a000 LB 0x530 1358.135c: ProductName: Microsoft® Windows® Operating System 1358.135c: ProductVersion: 6.1.7601.17651 1358.135c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504) 1358.135c: FileDescription: Windows NT BASE API Client DLL 1358.135c: \SystemRoot\System32\apisetschema.dll: 1358.135c: CreationTime: 2009-07-13T23:18:54.866423200Z 1358.135c: LastWriteTime: 2009-07-14T01:24:53.779000000Z 1358.135c: ChangeTime: 2012-06-27T07:23:12.756975500Z 1358.135c: FileAttributes: 0x20 1358.135c: Size: 0x1a00 1358.135c: NT Headers: 0xc0 1358.135c: Timestamp: 0x4a5bdeab 1358.135c: Machine: 0x8664 - amd64 1358.135c: Timestamp: 0x4a5bdeab 1358.135c: Image Version: 6.1 1358.135c: SizeOfImage: 0x50000 (327680) 1358.135c: Resource Dir: 0x30000 LB 0x3f0 1358.135c: ProductName: Microsoft® Windows® Operating System 1358.135c: ProductVersion: 6.1.7600.16385 1358.135c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) 1358.135c: FileDescription: ApiSet Schema DLL 1358.135c: supR3HardenedWinFindAdversaries: 0x0 1358.135c: Calling main() 1358.135c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1358.135c: SUPR3HardenedMain: Respawn #1 1358.135c: System32: \Device\HarddiskVolume2\Windows\System32 1358.135c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs 1358.135c: KnownDllPath: C:\Windows\system32 1358.135c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1358.135c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1358.135c: supR3HardNtEnableThreadCreation: 1358.135c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007716c320 pvNtTerminateThread=0000000077191840 1358.135c: supR3HardenedWinDoReSpawn(1): New child 1368.136c [kernel32]. 1358.135c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380 1358.135c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077140000 uNtDllChildAddr=0000000077140000 1358.135c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007716c320 1358.135c: supR3HardenedWinSetupChildInit: Start child. 1358.135c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1358.135c: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps 1358.135c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1358.135c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 1358.135c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 1358.135c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000 1358.135c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000 1358.135c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000 1358.135c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000 1358.135c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000 1358.135c: 0000000000051000-fffffffffffa1fff 0x0001/0x0000 0x0000000 1358.135c: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000 1358.135c: 00000000001fc000-00000000001f8fff 0x0104/0x0004 0x0020000 1358.135c: 00000000001ff000-00000000001fdfff 0x0004/0x0004 0x0020000 1358.135c: 0000000000200000-ffffffff892bffff 0x0001/0x0000 0x0000000 1358.135c: *0000000077140000-000000007713efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1358.135c: 0000000077141000-000000007703efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1358.135c: 0000000077243000-0000000077213fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1358.135c: 0000000077272000-0000000077265fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1358.135c: 000000007727e000-0000000077212fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1358.135c: 00000000772e9000-000000006f5f1fff 0x0001/0x0000 0x0000000 1358.135c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000 1358.135c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 1358.135c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 1358.135c: 000000007fff0000-ffffffffc075ffff 0x0001/0x0000 0x0000000 1358.135c: *000000013f880000-000000013f87efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f881000-000000013f7fcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f905000-000000013f903fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f906000-000000013f8c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f943000-000000013f941fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f944000-000000013f942fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f945000-000000013f942fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f947000-000000013f945fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f948000-000000013f946fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f949000-000000013f944fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f94d000-000000013f913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1358.135c: 000000013f986000-fffff8037feabfff 0x0001/0x0000 0x0000000 1358.135c: *000007feff460000-000007feff45efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll 1358.135c: 000007feff461000-000007fdfe911fff 0x0001/0x0000 0x0000000 1358.135c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000 1358.135c: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000 1358.135c: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000 1358.135c: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000 1358.135c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000 1358.135c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000 1358.135c: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS) 1358.135c: VirtualBox.exe: timestamp 0x546f44b2 (rc=VINF_SUCCESS) 1358.135c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1358.135c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1358.135c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1358.135c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports 1358.135c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1358.135c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1358.135c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports 1358.135c: supR3HardNtChildPurify: Done after 281 ms and 0 fixes (loop #0). 1368.136c: Log file opened: 4.3.20r96996 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110 1368.136c: supR3HardenedVmProcessInit: uNtDllAddr=0000000077140000 1368.136c: ntdll.dll: timestamp 0x4ec4aa8e (rc=VINF_SUCCESS) 1368.136c: New simple heap: #1 0000000000300000 LB 0x400000 (for 1740800 allocation) 1358.135c: supR3HardNtEnableThreadCreation: 1368.136c: System32: \Device\HarddiskVolume2\Windows\System32 1368.136c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs 1368.136c: KnownDllPath: C:\Windows\system32 1368.136c: supR3HardenedVmProcessInit: Opening vboxdrv stub... 1368.136c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 1368.136c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 1368.136c: Registered Dll notification callback with NTDLL. 1368.136c: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 0000000076a60000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 1368.136c: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll' 1368.136c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007716c320 pvNtTerminateThread=0000000077191840 1358.135c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 16 ms. 1368.136c: \SystemRoot\System32\ntdll.dll: 1368.136c: CreationTime: 2012-06-05T09:08:33.845363600Z 1368.136c: LastWriteTime: 2011-11-17T06:41:18.858669900Z 1368.136c: ChangeTime: 2012-06-27T07:23:11.852173900Z 1368.136c: FileAttributes: 0x20 1368.136c: Size: 0x1a6d50 1368.136c: NT Headers: 0xe0 1368.136c: Timestamp: 0x4ec4aa8e 1368.136c: Machine: 0x8664 - amd64 1368.136c: Timestamp: 0x4ec4aa8e 1368.136c: Image Version: 6.1 1368.136c: SizeOfImage: 0x1a9000 (1740800) 1368.136c: Resource Dir: 0x151000 LB 0x560d8 1368.136c: ProductName: Microsoft® Windows® Operating System 1368.136c: ProductVersion: 6.1.7601.17725 1368.136c: FileVersion: 6.1.7601.17725 (win7sp1_gdr.111116-1503) 1368.136c: FileDescription: NT Layer DLL 1368.136c: \SystemRoot\System32\kernel32.dll: 1368.136c: CreationTime: 2012-06-05T09:10:20.487150900Z 1368.136c: LastWriteTime: 2011-07-16T05:37:12.377000000Z 1368.136c: ChangeTime: 2012-06-27T07:23:11.259372900Z 1368.136c: FileAttributes: 0x20 1368.136c: Size: 0x11be00 1368.136c: NT Headers: 0xe8 1368.136c: Timestamp: 0x4e21213b 1368.136c: Machine: 0x8664 - amd64 1368.136c: Timestamp: 0x4e21213b 1368.136c: Image Version: 6.1 1368.136c: SizeOfImage: 0x11f000 (1175552) 1368.136c: Resource Dir: 0x116000 LB 0x528 1368.136c: ProductName: Microsoft® Windows® Operating System 1368.136c: ProductVersion: 6.1.7601.17651 1368.136c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504) 1368.136c: FileDescription: Windows NT BASE API Client DLL 1368.136c: \SystemRoot\System32\KernelBase.dll: 1368.136c: CreationTime: 2012-06-05T09:10:20.533951000Z 1368.136c: LastWriteTime: 2011-07-16T05:37:12.596000000Z 1368.136c: ChangeTime: 2012-06-27T07:23:11.274972900Z 1368.136c: FileAttributes: 0x20 1368.136c: Size: 0x67000 1368.136c: NT Headers: 0xe8 1368.136c: Timestamp: 0x4e21213c 1368.136c: Machine: 0x8664 - amd64 1368.136c: Timestamp: 0x4e21213c 1368.136c: Image Version: 6.1 1368.136c: SizeOfImage: 0x6c000 (442368) 1368.136c: Resource Dir: 0x6a000 LB 0x530 1368.136c: ProductName: Microsoft® Windows® Operating System 1368.136c: ProductVersion: 6.1.7601.17651 1368.136c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504) 1368.136c: FileDescription: Windows NT BASE API Client DLL 1368.136c: \SystemRoot\System32\apisetschema.dll: 1368.136c: CreationTime: 2009-07-13T23:18:54.866423200Z 1368.136c: LastWriteTime: 2009-07-14T01:24:53.779000000Z 1368.136c: ChangeTime: 2012-06-27T07:23:12.756975500Z 1368.136c: FileAttributes: 0x20 1368.136c: Size: 0x1a00 1368.136c: NT Headers: 0xc0 1368.136c: Timestamp: 0x4a5bdeab 1368.136c: Machine: 0x8664 - amd64 1368.136c: Timestamp: 0x4a5bdeab 1368.136c: Image Version: 6.1 1368.136c: SizeOfImage: 0x50000 (327680) 1368.136c: Resource Dir: 0x30000 LB 0x3f0 1368.136c: ProductName: Microsoft® Windows® Operating System 1368.136c: ProductVersion: 6.1.7600.16385 1368.136c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) 1368.136c: FileDescription: ApiSet Schema DLL 1368.136c: supR3HardenedWinFindAdversaries: 0x0 1368.136c: Calling main() 1368.136c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1368.136c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1368.136c: SUPR3HardenedMain: Respawn #2 1368.136c: supR3HardNtEnableThreadCreation: 1368.136c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000: [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefeaa0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.DLL [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff3b0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefda80000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefec20000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeaa0000 'C:\Windows\system32\ADVAPI32.DLL' 1368.136c: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd420000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd420000 'C:\Windows\system32\apphelp.dll' 1368.136c: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 1368.136c: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment WXP --startvm ae6d02ce-7c47-4e2a-805c-3c25a49515e2 --no-startvm-errormsgbox "--sup-startup-log=C:\Users\frank\VirtualBox VMs\WXP\Logs\VBoxStartup.log"' 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 1368.136c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f2f80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef0120000 LB 0x00873000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef0000000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdaa0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 0000000076cd0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd9a0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd9b0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feeffd0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef34d0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa1c0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff150000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd6f0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff010000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefedf0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd730000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefb800000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef09a0000 LB 0x00531000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cfd0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cf30000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdb10000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff000000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cc50000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c2e0000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdc70000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff330000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1368.136c: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in WinSxS). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa370000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdd10000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd970000 LB 0x0002e000 C:\Windows\system32\IMM32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefb9c0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa2f0000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c1d0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c0f0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 1368.136c: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll: Owner is administrators group. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nvinitx.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.; [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nvinitx.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd550000 LB 0x00044000 C:\Windows\system32\nvinitx.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nvinitx.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\Windows\system32\nvinitx.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdaa0000 'C:\Windows\system32\gdi32.dll' 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd970000 'C:\Windows\system32\imm32.dll' 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0120000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9c0000 'C:\Windows\system32\winmm.dll' 1368.136c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd480000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd480000 'C:\Windows\system32\CRYPTBASE.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd10000 'C:\Windows\system32\shell32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll' 1368.136c: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefbe30000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll' 1368.136c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll) 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdaa0000 'C:\Windows\system32\gdi32.dll' 1368.136c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll) 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9c0000 'C:\Windows\system32\WINMM.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll' 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'API-MS-WIN-Service-Management-L1-1-0.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec20000 'C:\Windows\system32\rpcrt4.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll' 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'API-MS-WIN-Service-winsvc-L1-1-0.dll' 1368.136c: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec20000 'C:\Windows\system32\RPCRT4.dll' 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.13a0: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefeb80000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb80000 'C:\Windows\system32\CLBCatQ.DLL' 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] 1368.13a0: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000084ded0:C:\Windows\system32;;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\Windows\system32\MSCTF.dll' 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\propsys.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbec0000 LB 0x0004b000 C:\Windows\system32\MMDevAPI.DLL [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbd00000 LB 0x0012c000 C:\Windows\system32\PROPSYS.dll [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeaa0000 'C:\Windows\system32\ADVAPI32.dll' 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbec0000 'C:\Windows\system32\MMDevAPI.DLL' 1368.13a0: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 1368.13a0: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefb600000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 0000000074760000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbcd0000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbec0000 'C:\Windows\system32\MMDEVAPI.DLL' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff150000 'C:\Windows\system32\SETUPAPI.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff330000 'C:\Windows\system32\SHLWAPI.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll' 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff010000 'C:\Windows\system32\OLEAUT32.DLL' 1368.13a0: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefb640000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb640000 'C:\Windows\system32\AUDIOSES.DLL' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv' 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaab0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaa90000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv' 1368.13a0: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.13a0: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaa80000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0] 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll' 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll' 1368.13a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 1368.13a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000864d80:C:\Windows\System32;;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb640000 'C:\Windows\System32\audioses.dll' 1368.13d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 1368.13d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6f0000 'C:\Windows\system32\CFGMGR32.dll' 1368.13a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1368.13a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.13a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff010000 'C:\Windows\system32\OLEAUT32.dll' 1368.136c: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [redir] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa370000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' 1368.136c: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] 1368.136c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00) 1368.136c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32). 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll) 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling] 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd930000 LB 0x0003a000 C:\Windows\system32\WINTRUST.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd750000 LB 0x0016a000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd640000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0] 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd930000 'C:\Windows\system32\WINTRUST.dll' 1358.135c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 10485 ms, the end);