1fb8.1a6c: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000018 g_uNtVerCombined=0x611db110 1fb8.1a6c: \SystemRoot\System32\ntdll.dll: 1fb8.1a6c: CreationTime: 2013-11-01T11:05:44.243638200Z 1fb8.1a6c: LastWriteTime: 2013-08-29T02:16:35.515578900Z 1fb8.1a6c: ChangeTime: 2013-11-01T13:14:07.131567700Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x1a6dc0 1fb8.1a6c: NT Headers: 0xe0 1fb8.1a6c: Timestamp: 0x521eaf24 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x521eaf24 1fb8.1a6c: Image Version: 6.1 1fb8.1a6c: SizeOfImage: 0x1a9000 (1740800) 1fb8.1a6c: Resource Dir: 0x151000 LB 0x560d8 1fb8.1a6c: ProductName: Microsoft® Windows® Operating System 1fb8.1a6c: ProductVersion: 6.1.7601.18247 1fb8.1a6c: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532) 1fb8.1a6c: FileDescription: NT Layer DLL 1fb8.1a6c: \SystemRoot\System32\kernel32.dll: 1fb8.1a6c: CreationTime: 2014-04-09T06:11:53.781814400Z 1fb8.1a6c: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1fb8.1a6c: ChangeTime: 2014-04-14T05:43:51.462211400Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x11c000 1fb8.1a6c: NT Headers: 0xe8 1fb8.1a6c: Timestamp: 0x5315a059 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x5315a059 1fb8.1a6c: Image Version: 6.1 1fb8.1a6c: SizeOfImage: 0x11f000 (1175552) 1fb8.1a6c: Resource Dir: 0x116000 LB 0x528 1fb8.1a6c: ProductName: Microsoft® Windows® Operating System 1fb8.1a6c: ProductVersion: 6.1.7601.18409 1fb8.1a6c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1fb8.1a6c: FileDescription: Windows NT BASE API Client DLL 1fb8.1a6c: \SystemRoot\System32\KernelBase.dll: 1fb8.1a6c: CreationTime: 2014-05-15T05:31:21.478784500Z 1fb8.1a6c: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1fb8.1a6c: ChangeTime: 2014-05-16T05:04:13.427627900Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x67c00 1fb8.1a6c: NT Headers: 0xe8 1fb8.1a6c: Timestamp: 0x5315a05a 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x5315a05a 1fb8.1a6c: Image Version: 6.1 1fb8.1a6c: SizeOfImage: 0x6c000 (442368) 1fb8.1a6c: Resource Dir: 0x6a000 LB 0x530 1fb8.1a6c: ProductName: Microsoft® Windows® Operating System 1fb8.1a6c: ProductVersion: 6.1.7601.18409 1fb8.1a6c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1fb8.1a6c: FileDescription: Windows NT BASE API Client DLL 1fb8.1a6c: \SystemRoot\System32\apisetschema.dll: 1fb8.1a6c: CreationTime: 2013-11-01T11:07:25.144615500Z 1fb8.1a6c: LastWriteTime: 2013-08-02T02:12:20.275000000Z 1fb8.1a6c: ChangeTime: 2013-11-01T13:14:22.762795100Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x1a00 1fb8.1a6c: NT Headers: 0xc0 1fb8.1a6c: Timestamp: 0x51fb15ca 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x51fb15ca 1fb8.1a6c: Image Version: 6.1 1fb8.1a6c: SizeOfImage: 0x50000 (327680) 1fb8.1a6c: Resource Dir: 0x30000 LB 0x3f8 1fb8.1a6c: ProductName: Microsoft® Windows® Operating System 1fb8.1a6c: ProductVersion: 6.1.7601.18229 1fb8.1a6c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533) 1fb8.1a6c: FileDescription: ApiSet Schema DLL 1fb8.1a6c: Found driver aswVmm (0x4) 1fb8.1a6c: Found driver aswHwid (0x4) 1fb8.1a6c: Found driver aswStm (0x4) 1fb8.1a6c: Found driver aswRvrt (0x4) 1fb8.1a6c: supR3HardenedWinFindAdversaries: 0x4 1fb8.1a6c: \SystemRoot\System32\drivers\aswHwid.sys: 1fb8.1a6c: CreationTime: 2014-04-28T05:17:42.644695500Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:54.952853600Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.949539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x7218 1fb8.1a6c: NT Headers: 0xe8 1fb8.1a6c: Timestamp: 0x545b6fa5 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b6fa5 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0xa000 (40960) 1fb8.1a6c: Resource Dir: 0x8000 LB 0x460 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: SpecialBuild: feb2012 1fb8.1a6c: PrivateBuild: 0SpecialBuild 1fb8.1a6c: FileDescription: avast! HWID 1fb8.1a6c: \SystemRoot\System32\drivers\aswMonFlt.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:54.604342100Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:55.146864700Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.949539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x14550 1fb8.1a6c: NT Headers: 0xe8 1fb8.1a6c: Timestamp: 0x545b6f33 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b6f33 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0x22000 (139264) 1fb8.1a6c: Resource Dir: 0x20000 LB 0x3b8 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: FileDescription: avast! File System Minifilter for Windows 2003/Vista 1fb8.1a6c: \SystemRoot\System32\drivers\aswRdr2.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:54.122314600Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:52.758728100Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.949539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x16d80 1fb8.1a6c: NT Headers: 0xf0 1fb8.1a6c: Timestamp: 0x545b6f6a 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b6f6a 1fb8.1a6c: Image Version: 6.1 1fb8.1a6c: SizeOfImage: 0x1a000 (106496) 1fb8.1a6c: Resource Dir: 0x18000 LB 0x3a0 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 built by: WinDDK 1fb8.1a6c: FileDescription: avast! WFP Redirect Driver 1fb8.1a6c: \SystemRoot\System32\drivers\aswRvrt.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:55.705405100Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:55.225869200Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.949539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x100f0 1fb8.1a6c: NT Headers: 0xf8 1fb8.1a6c: Timestamp: 0x545b6f42 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b6f42 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0x13000 (77824) 1fb8.1a6c: Resource Dir: 0x11000 LB 0x468 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: SpecialBuild: feb2012 1fb8.1a6c: PrivateBuild: 0SpecialBuild 1fb8.1a6c: FileDescription: avast! Revert 1fb8.1a6c: \SystemRoot\System32\drivers\aswSnx.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:55.497393200Z 1fb8.1a6c: LastWriteTime: 2014-11-24T06:03:14.214882600Z 1fb8.1a6c: ChangeTime: 2014-11-24T06:03:14.214882600Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x100740 1fb8.1a6c: NT Headers: 0xf0 1fb8.1a6c: Timestamp: 0x546f1f38 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x546f1f38 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0x104000 (1064960) 1fb8.1a6c: Resource Dir: 0xfc000 LB 0x380 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.722 1fb8.1a6c: FileVersion: 10.0.2208.722 1fb8.1a6c: FileDescription: avast! Virtualization Driver 1fb8.1a6c: \SystemRoot\System32\drivers\aswsp.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:55.114371300Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:55.558888300Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.950539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x6a990 1fb8.1a6c: NT Headers: 0x100 1fb8.1a6c: Timestamp: 0x545b7323 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b7323 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0x71000 (462848) 1fb8.1a6c: Resource Dir: 0x6f000 LB 0x378 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: FileDescription: avast! self protection module 1fb8.1a6c: \SystemRoot\System32\drivers\aswStm.sys: 1fb8.1a6c: CreationTime: 2013-12-30T06:13:02.878184400Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:56.615948700Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.950539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x1c7f8 1fb8.1a6c: NT Headers: 0x110 1fb8.1a6c: Timestamp: 0x545b7364 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b7364 1fb8.1a6c: Image Version: 6.2 1fb8.1a6c: SizeOfImage: 0x1f000 (126976) 1fb8.1a6c: Resource Dir: 0x1d000 LB 0x358 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: FileDescription: Stream Filter 1fb8.1a6c: \SystemRoot\System32\drivers\aswVmm.sys: 1fb8.1a6c: CreationTime: 2013-11-07T06:17:55.938418400Z 1fb8.1a6c: LastWriteTime: 2014-11-21T10:26:55.808902600Z 1fb8.1a6c: ChangeTime: 2014-11-21T10:27:06.950539800Z 1fb8.1a6c: FileAttributes: 0x20 1fb8.1a6c: Size: 0x41570 1fb8.1a6c: NT Headers: 0xf0 1fb8.1a6c: Timestamp: 0x545b6f4b 1fb8.1a6c: Machine: 0x8664 - amd64 1fb8.1a6c: Timestamp: 0x545b6f4b 1fb8.1a6c: Image Version: 6.0 1fb8.1a6c: SizeOfImage: 0x43000 (274432) 1fb8.1a6c: Resource Dir: 0x40000 LB 0x470 1fb8.1a6c: ProductName: Avast Antivirus 1fb8.1a6c: ProductVersion: 10.0.2208.712 1fb8.1a6c: FileVersion: 10.0.2208.712 1fb8.1a6c: SpecialBuild: feb2012 1fb8.1a6c: PrivateBuild: 0SpecialBuild 1fb8.1a6c: FileDescription: avast! VM Monitor 1fb8.1a6c: Calling main() 1fb8.1a6c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1fb8.1a6c: SUPR3HardenedMain: Respawn #1 1fb8.1a6c: System32: \Device\HarddiskVolume3\Windows\System32 1fb8.1a6c: WinSxS: \Device\HarddiskVolume3\Windows\winsxs 1fb8.1a6c: KnownDllPath: C:\Windows\system32 1fb8.1a6c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1fb8.1a6c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1fb8.1a6c: supR3HardNtEnableThreadCreation: 1fb8.1a6c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007770c340 pvNtTerminateThread=00000000777317e0 1fb8.1a6c: supR3HardenedWinDoReSpawn(1): New child 1dbc.1dc4 [kernel32]. 1fb8.1a6c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd9000 cbPeb=0x380 1fb8.1a6c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000776e0000 uNtDllChildAddr=00000000776e0000 1fb8.1a6c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007770c340 1fb8.1a6c: supR3HardenedWinSetupChildInit: Start child. 1fb8.1a6c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1fb8.1a6c: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps 1fb8.1a6c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1fb8.1a6c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 1fb8.1a6c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 1fb8.1a6c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000 1fb8.1a6c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000 1fb8.1a6c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000 1fb8.1a6c: 0000000000051000-fffffffffffb1fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *00000000000f0000-ffffffffffff3fff 0x0000/0x0004 0x0020000 1fb8.1a6c: 00000000001ec000-00000000001e8fff 0x0104/0x0004 0x0020000 1fb8.1a6c: 00000000001ef000-00000000001edfff 0x0004/0x0004 0x0020000 1fb8.1a6c: 00000000001f0000-ffffffff88cfffff 0x0001/0x0000 0x0000000 1fb8.1a6c: *00000000776e0000-00000000776defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 00000000776e1000-00000000775defff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 00000000777e3000-00000000777b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 0000000077812000-0000000077809fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 000000007781a000-0000000077818fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 000000007781b000-0000000077817fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 000000007781e000-00000000777b2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1fb8.1a6c: 0000000077889000-0000000070131fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000 1fb8.1a6c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 1fb8.1a6c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 1fb8.1a6c: 000000007fff0000-ffffffffc00cffff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000000013ff10000-000000013ff0efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ff11000-000000013fe8cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ff95000-000000013ff93fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ff96000-000000013ff58fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd3000-000000013ffd1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd4000-000000013ffd2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd5000-000000013ffd2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd7000-000000013ffd5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd8000-000000013ffd6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffd9000-000000013ffd4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 000000013ffdd000-000000013ffa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1fb8.1a6c: 0000000140016000-fffff8038062bfff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000007feffa00000-000007feff9fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll 1fb8.1a6c: 000007feffa01000-000007fdff451fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000 1fb8.1a6c: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000 1fb8.1a6c: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000 1fb8.1a6c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000 1fb8.1a6c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000 1fb8.1a6c: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS) 1fb8.1a6c: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS) 1fb8.1a6c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1fb8.1a6c: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports 1fb8.1a6c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 1fb8.1a6c: supR3HardNtChildPurify: Done after 554 ms and 0 fixes (loop #0). 1dbc.1dc4: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110 1dbc.1dc4: supR3HardenedVmProcessInit: uNtDllAddr=00000000776e0000 1dbc.1dc4: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS) 1dbc.1dc4: New simple heap: #1 00000000002f0000 LB 0x400000 (for 1740800 allocation) 1dbc.1dc4: System32: \Device\HarddiskVolume3\Windows\System32 1dbc.1dc4: WinSxS: \Device\HarddiskVolume3\Windows\winsxs 1dbc.1dc4: KnownDllPath: C:\Windows\system32 1dbc.1dc4: supR3HardenedVmProcessInit: Opening vboxdrv stub... 1fb8.1a6c: supR3HardNtEnableThreadCreation: 1dbc.1dc4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 1dbc.1dc4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 1dbc.1dc4: Registered Dll notification callback with NTDLL. 1dbc.1dc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) 1dbc.1dc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll 1dbc.1dc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] 1dbc.1dc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1dbc.1dc4: supR3HardenedDllNotificationCallback: load 00000000774c0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0] 1dbc.1dc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1dbc.1dc4: supR3HardenedDllNotificationCallback: load 000007fefd660000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 1dbc.1dc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) 1dbc.1dc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 1dbc.1dc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774c0000 'C:\Windows\system32\kernel32.dll' 1dbc.1dc4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007770c340 pvNtTerminateThread=00000000777317e0 1dbc.1dc4: \SystemRoot\System32\ntdll.dll: 1dbc.1dc4: CreationTime: 2013-11-01T11:05:44.243638200Z 1dbc.1dc4: LastWriteTime: 2013-08-29T02:16:35.515578900Z 1dbc.1dc4: ChangeTime: 2013-11-01T13:14:07.131567700Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x1a6dc0 1dbc.1dc4: NT Headers: 0xe0 1dbc.1dc4: Timestamp: 0x521eaf24 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x521eaf24 1dbc.1dc4: Image Version: 6.1 1dbc.1dc4: SizeOfImage: 0x1a9000 (1740800) 1dbc.1dc4: Resource Dir: 0x151000 LB 0x560d8 1fb8.1a6c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 21 ms. 1dbc.1dc4: ProductName: Microsoft® Windows® Operating System 1dbc.1dc4: ProductVersion: 6.1.7601.18247 1dbc.1dc4: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532) 1dbc.1dc4: FileDescription: NT Layer DLL 1dbc.1dc4: \SystemRoot\System32\kernel32.dll: 1dbc.1dc4: CreationTime: 2014-04-09T06:11:53.781814400Z 1dbc.1dc4: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1dbc.1dc4: ChangeTime: 2014-04-14T05:43:51.462211400Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x11c000 1dbc.1dc4: NT Headers: 0xe8 1dbc.1dc4: Timestamp: 0x5315a059 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x5315a059 1dbc.1dc4: Image Version: 6.1 1dbc.1dc4: SizeOfImage: 0x11f000 (1175552) 1dbc.1dc4: Resource Dir: 0x116000 LB 0x528 1dbc.1dc4: ProductName: Microsoft® Windows® Operating System 1dbc.1dc4: ProductVersion: 6.1.7601.18409 1dbc.1dc4: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1dbc.1dc4: FileDescription: Windows NT BASE API Client DLL 1dbc.1dc4: \SystemRoot\System32\KernelBase.dll: 1dbc.1dc4: CreationTime: 2014-05-15T05:31:21.478784500Z 1dbc.1dc4: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1dbc.1dc4: ChangeTime: 2014-05-16T05:04:13.427627900Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x67c00 1dbc.1dc4: NT Headers: 0xe8 1dbc.1dc4: Timestamp: 0x5315a05a 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x5315a05a 1dbc.1dc4: Image Version: 6.1 1dbc.1dc4: SizeOfImage: 0x6c000 (442368) 1dbc.1dc4: Resource Dir: 0x6a000 LB 0x530 1dbc.1dc4: ProductName: Microsoft® Windows® Operating System 1dbc.1dc4: ProductVersion: 6.1.7601.18409 1dbc.1dc4: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1dbc.1dc4: FileDescription: Windows NT BASE API Client DLL 1dbc.1dc4: \SystemRoot\System32\apisetschema.dll: 1dbc.1dc4: CreationTime: 2013-11-01T11:07:25.144615500Z 1dbc.1dc4: LastWriteTime: 2013-08-02T02:12:20.275000000Z 1dbc.1dc4: ChangeTime: 2013-11-01T13:14:22.762795100Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x1a00 1dbc.1dc4: NT Headers: 0xc0 1dbc.1dc4: Timestamp: 0x51fb15ca 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x51fb15ca 1dbc.1dc4: Image Version: 6.1 1dbc.1dc4: SizeOfImage: 0x50000 (327680) 1dbc.1dc4: Resource Dir: 0x30000 LB 0x3f8 1dbc.1dc4: ProductName: Microsoft® Windows® Operating System 1dbc.1dc4: ProductVersion: 6.1.7601.18229 1dbc.1dc4: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533) 1dbc.1dc4: FileDescription: ApiSet Schema DLL 1dbc.1dc4: Found driver aswVmm (0x4) 1dbc.1dc4: Found driver aswHwid (0x4) 1dbc.1dc4: Found driver aswStm (0x4) 1dbc.1dc4: Found driver aswRvrt (0x4) 1dbc.1dc4: supR3HardenedWinFindAdversaries: 0x4 1dbc.1dc4: \SystemRoot\System32\drivers\aswHwid.sys: 1dbc.1dc4: CreationTime: 2014-04-28T05:17:42.644695500Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:54.952853600Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.949539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x7218 1dbc.1dc4: NT Headers: 0xe8 1dbc.1dc4: Timestamp: 0x545b6fa5 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b6fa5 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0xa000 (40960) 1dbc.1dc4: Resource Dir: 0x8000 LB 0x460 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: SpecialBuild: feb2012 1dbc.1dc4: PrivateBuild: 0SpecialBuild 1dbc.1dc4: FileDescription: avast! HWID 1dbc.1dc4: \SystemRoot\System32\drivers\aswMonFlt.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:54.604342100Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:55.146864700Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.949539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x14550 1dbc.1dc4: NT Headers: 0xe8 1dbc.1dc4: Timestamp: 0x545b6f33 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b6f33 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0x22000 (139264) 1dbc.1dc4: Resource Dir: 0x20000 LB 0x3b8 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: FileDescription: avast! File System Minifilter for Windows 2003/Vista 1dbc.1dc4: \SystemRoot\System32\drivers\aswRdr2.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:54.122314600Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:52.758728100Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.949539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x16d80 1dbc.1dc4: NT Headers: 0xf0 1dbc.1dc4: Timestamp: 0x545b6f6a 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b6f6a 1dbc.1dc4: Image Version: 6.1 1dbc.1dc4: SizeOfImage: 0x1a000 (106496) 1dbc.1dc4: Resource Dir: 0x18000 LB 0x3a0 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 built by: WinDDK 1dbc.1dc4: FileDescription: avast! WFP Redirect Driver 1dbc.1dc4: \SystemRoot\System32\drivers\aswRvrt.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:55.705405100Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:55.225869200Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.949539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x100f0 1dbc.1dc4: NT Headers: 0xf8 1dbc.1dc4: Timestamp: 0x545b6f42 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b6f42 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0x13000 (77824) 1dbc.1dc4: Resource Dir: 0x11000 LB 0x468 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: SpecialBuild: feb2012 1dbc.1dc4: PrivateBuild: 0SpecialBuild 1dbc.1dc4: FileDescription: avast! Revert 1dbc.1dc4: \SystemRoot\System32\drivers\aswSnx.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:55.497393200Z 1dbc.1dc4: LastWriteTime: 2014-11-24T06:03:14.214882600Z 1dbc.1dc4: ChangeTime: 2014-11-24T06:03:14.214882600Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x100740 1dbc.1dc4: NT Headers: 0xf0 1dbc.1dc4: Timestamp: 0x546f1f38 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x546f1f38 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0x104000 (1064960) 1dbc.1dc4: Resource Dir: 0xfc000 LB 0x380 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.722 1dbc.1dc4: FileVersion: 10.0.2208.722 1dbc.1dc4: FileDescription: avast! Virtualization Driver 1dbc.1dc4: \SystemRoot\System32\drivers\aswsp.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:55.114371300Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:55.558888300Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.950539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x6a990 1dbc.1dc4: NT Headers: 0x100 1dbc.1dc4: Timestamp: 0x545b7323 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b7323 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0x71000 (462848) 1dbc.1dc4: Resource Dir: 0x6f000 LB 0x378 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: FileDescription: avast! self protection module 1dbc.1dc4: \SystemRoot\System32\drivers\aswStm.sys: 1dbc.1dc4: CreationTime: 2013-12-30T06:13:02.878184400Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:56.615948700Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.950539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x1c7f8 1dbc.1dc4: NT Headers: 0x110 1dbc.1dc4: Timestamp: 0x545b7364 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b7364 1dbc.1dc4: Image Version: 6.2 1dbc.1dc4: SizeOfImage: 0x1f000 (126976) 1dbc.1dc4: Resource Dir: 0x1d000 LB 0x358 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: FileDescription: Stream Filter 1dbc.1dc4: \SystemRoot\System32\drivers\aswVmm.sys: 1dbc.1dc4: CreationTime: 2013-11-07T06:17:55.938418400Z 1dbc.1dc4: LastWriteTime: 2014-11-21T10:26:55.808902600Z 1dbc.1dc4: ChangeTime: 2014-11-21T10:27:06.950539800Z 1dbc.1dc4: FileAttributes: 0x20 1dbc.1dc4: Size: 0x41570 1dbc.1dc4: NT Headers: 0xf0 1dbc.1dc4: Timestamp: 0x545b6f4b 1dbc.1dc4: Machine: 0x8664 - amd64 1dbc.1dc4: Timestamp: 0x545b6f4b 1dbc.1dc4: Image Version: 6.0 1dbc.1dc4: SizeOfImage: 0x43000 (274432) 1dbc.1dc4: Resource Dir: 0x40000 LB 0x470 1dbc.1dc4: ProductName: Avast Antivirus 1dbc.1dc4: ProductVersion: 10.0.2208.712 1dbc.1dc4: FileVersion: 10.0.2208.712 1dbc.1dc4: SpecialBuild: feb2012 1dbc.1dc4: PrivateBuild: 0SpecialBuild 1dbc.1dc4: FileDescription: avast! VM Monitor 1dbc.1dc4: Calling main() 1dbc.1dc4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1dbc.1dc4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1dbc.1dc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1dbc.1dc4: SUPR3HardenedMain: Respawn #2 1dbc.1dc4: supR3HardNtEnableThreadCreation: 1dbc.1dc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll) 1dbc.1dc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll 1dbc.1dc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] 1dbc.1dc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 1dbc.1dc4: supR3HardenedDllNotificationCallback: load 000007fefd2a0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0] 1dbc.1dc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 1dbc.1dc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2a0000 'C:\Windows\system32\apphelp.dll' 1dbc.1dc4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007770c340 pvNtTerminateThread=00000000777317e0 1dbc.1dc4: supR3HardenedWinDoReSpawn(2): New child 1eac.1fd0 [kernel32]. 1dbc.1dc4: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380 1dbc.1dc4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000776e0000 uNtDllChildAddr=00000000776e0000 1dbc.1dc4: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007770c340 1dbc.1dc4: supR3HardenedWinSetupChildInit: Start child. 1dbc.1dc4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1dbc.1dc4: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 64 sleeps 1dbc.1dc4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1dbc.1dc4: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 1dbc.1dc4: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 1dbc.1dc4: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000 1dbc.1dc4: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000 1dbc.1dc4: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000 1dbc.1dc4: 0000000000051000-fffffffffff31fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *0000000000170000-0000000000073fff 0x0000/0x0004 0x0020000 1dbc.1dc4: 000000000026c000-0000000000268fff 0x0104/0x0004 0x0020000 1dbc.1dc4: 000000000026f000-000000000026dfff 0x0004/0x0004 0x0020000 1dbc.1dc4: 0000000000270000-ffffffff88dfffff 0x0001/0x0000 0x0000000 1dbc.1dc4: *00000000776e0000-00000000776defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 00000000776e1000-00000000775defff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 00000000777e3000-00000000777b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 0000000077812000-0000000077809fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 000000007781a000-0000000077818fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 000000007781b000-0000000077817fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 000000007781e000-00000000777b2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 1dbc.1dc4: 0000000077889000-0000000070131fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000 1dbc.1dc4: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 1dbc.1dc4: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 1dbc.1dc4: 000000007fff0000-ffffffffc00cffff 0x0001/0x0000 0x0000000 1dbc.1dc4: *000000013ff10000-000000013ff0efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ff11000-000000013fe8cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ff95000-000000013ff93fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ff96000-000000013ff58fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd3000-000000013ffd1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd4000-000000013ffd2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd5000-000000013ffd2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd7000-000000013ffd5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd8000-000000013ffd6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffd9000-000000013ffd4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 000000013ffdd000-000000013ffa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe 1dbc.1dc4: 0000000140016000-fffff8038062bfff 0x0001/0x0000 0x0000000 1dbc.1dc4: *000007feffa00000-000007feff9fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll 1dbc.1dc4: 000007feffa01000-000007fdff451fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000 1dbc.1dc4: *000007fffffd3000-000007fffffd1fff 0x0004/0x0004 0x0020000 1dbc.1dc4: 000007fffffd4000-000007fffffc9fff 0x0001/0x0000 0x0000000 1dbc.1dc4: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000 1dbc.1dc4: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000 1dbc.1dc4: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS) 1dbc.1dc4: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS) 1dbc.1dc4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1dbc.1dc4: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports 1dbc.1dc4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 1dbc.1dc4: supR3HardNtChildPurify: Done after 553 ms and 0 fixes (loop #0). 1eac.1fd0: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110 1dbc.1dc4: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002f0000 LB 0x400000) 1eac.1fd0: supR3HardenedVmProcessInit: uNtDllAddr=00000000776e0000 1dbc.1dc4: supR3HardNtEnableThreadCreation: 1eac.1fd0: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS) 1eac.1fd0: New simple heap: #1 0000000000270000 LB 0x400000 (for 1740800 allocation) 1eac.1fd0: System32: \Device\HarddiskVolume3\Windows\System32 1eac.1fd0: WinSxS: \Device\HarddiskVolume3\Windows\winsxs 1eac.1fd0: KnownDllPath: C:\Windows\system32 1eac.1fd0: supR3HardenedVmProcessInit: Opening vboxdrv... 1eac.1fd0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 1eac.1fd0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 1eac.1fd0: Registered Dll notification callback with NTDLL. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 00000000774c0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd660000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774c0000 'C:\Windows\system32\kernel32.dll' 1eac.1fd0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007770c340 pvNtTerminateThread=00000000777317e0 1dbc.1dc4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 38 ms. 1eac.1fd0: \SystemRoot\System32\ntdll.dll: 1eac.1fd0: CreationTime: 2013-11-01T11:05:44.243638200Z 1eac.1fd0: LastWriteTime: 2013-08-29T02:16:35.515578900Z 1eac.1fd0: ChangeTime: 2013-11-01T13:14:07.131567700Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x1a6dc0 1eac.1fd0: NT Headers: 0xe0 1eac.1fd0: Timestamp: 0x521eaf24 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x521eaf24 1eac.1fd0: Image Version: 6.1 1eac.1fd0: SizeOfImage: 0x1a9000 (1740800) 1eac.1fd0: Resource Dir: 0x151000 LB 0x560d8 1eac.1fd0: ProductName: Microsoft® Windows® Operating System 1eac.1fd0: ProductVersion: 6.1.7601.18247 1eac.1fd0: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532) 1eac.1fd0: FileDescription: NT Layer DLL 1eac.1fd0: \SystemRoot\System32\kernel32.dll: 1eac.1fd0: CreationTime: 2014-04-09T06:11:53.781814400Z 1eac.1fd0: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1eac.1fd0: ChangeTime: 2014-04-14T05:43:51.462211400Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x11c000 1eac.1fd0: NT Headers: 0xe8 1eac.1fd0: Timestamp: 0x5315a059 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x5315a059 1eac.1fd0: Image Version: 6.1 1eac.1fd0: SizeOfImage: 0x11f000 (1175552) 1eac.1fd0: Resource Dir: 0x116000 LB 0x528 1eac.1fd0: ProductName: Microsoft® Windows® Operating System 1eac.1fd0: ProductVersion: 6.1.7601.18409 1eac.1fd0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1eac.1fd0: FileDescription: Windows NT BASE API Client DLL 1eac.1fd0: \SystemRoot\System32\KernelBase.dll: 1eac.1fd0: CreationTime: 2014-05-15T05:31:21.478784500Z 1eac.1fd0: LastWriteTime: 2014-03-04T09:44:00.336000000Z 1eac.1fd0: ChangeTime: 2014-05-16T05:04:13.427627900Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x67c00 1eac.1fd0: NT Headers: 0xe8 1eac.1fd0: Timestamp: 0x5315a05a 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x5315a05a 1eac.1fd0: Image Version: 6.1 1eac.1fd0: SizeOfImage: 0x6c000 (442368) 1eac.1fd0: Resource Dir: 0x6a000 LB 0x530 1eac.1fd0: ProductName: Microsoft® Windows® Operating System 1eac.1fd0: ProductVersion: 6.1.7601.18409 1eac.1fd0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144) 1eac.1fd0: FileDescription: Windows NT BASE API Client DLL 1eac.1fd0: \SystemRoot\System32\apisetschema.dll: 1eac.1fd0: CreationTime: 2013-11-01T11:07:25.144615500Z 1eac.1fd0: LastWriteTime: 2013-08-02T02:12:20.275000000Z 1eac.1fd0: ChangeTime: 2013-11-01T13:14:22.762795100Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x1a00 1eac.1fd0: NT Headers: 0xc0 1eac.1fd0: Timestamp: 0x51fb15ca 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x51fb15ca 1eac.1fd0: Image Version: 6.1 1eac.1fd0: SizeOfImage: 0x50000 (327680) 1eac.1fd0: Resource Dir: 0x30000 LB 0x3f8 1eac.1fd0: ProductName: Microsoft® Windows® Operating System 1eac.1fd0: ProductVersion: 6.1.7601.18229 1eac.1fd0: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533) 1eac.1fd0: FileDescription: ApiSet Schema DLL 1eac.1fd0: Found driver aswVmm (0x4) 1eac.1fd0: Found driver aswHwid (0x4) 1eac.1fd0: Found driver aswStm (0x4) 1eac.1fd0: Found driver aswRvrt (0x4) 1eac.1fd0: supR3HardenedWinFindAdversaries: 0x4 1eac.1fd0: \SystemRoot\System32\drivers\aswHwid.sys: 1eac.1fd0: CreationTime: 2014-04-28T05:17:42.644695500Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:54.952853600Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.949539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x7218 1eac.1fd0: NT Headers: 0xe8 1eac.1fd0: Timestamp: 0x545b6fa5 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b6fa5 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0xa000 (40960) 1eac.1fd0: Resource Dir: 0x8000 LB 0x460 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: SpecialBuild: feb2012 1eac.1fd0: PrivateBuild: 0SpecialBuild 1eac.1fd0: FileDescription: avast! HWID 1eac.1fd0: \SystemRoot\System32\drivers\aswMonFlt.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:54.604342100Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:55.146864700Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.949539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x14550 1eac.1fd0: NT Headers: 0xe8 1eac.1fd0: Timestamp: 0x545b6f33 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b6f33 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0x22000 (139264) 1eac.1fd0: Resource Dir: 0x20000 LB 0x3b8 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: FileDescription: avast! File System Minifilter for Windows 2003/Vista 1eac.1fd0: \SystemRoot\System32\drivers\aswRdr2.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:54.122314600Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:52.758728100Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.949539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x16d80 1eac.1fd0: NT Headers: 0xf0 1eac.1fd0: Timestamp: 0x545b6f6a 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b6f6a 1eac.1fd0: Image Version: 6.1 1eac.1fd0: SizeOfImage: 0x1a000 (106496) 1eac.1fd0: Resource Dir: 0x18000 LB 0x3a0 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 built by: WinDDK 1eac.1fd0: FileDescription: avast! WFP Redirect Driver 1eac.1fd0: \SystemRoot\System32\drivers\aswRvrt.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:55.705405100Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:55.225869200Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.949539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x100f0 1eac.1fd0: NT Headers: 0xf8 1eac.1fd0: Timestamp: 0x545b6f42 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b6f42 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0x13000 (77824) 1eac.1fd0: Resource Dir: 0x11000 LB 0x468 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: SpecialBuild: feb2012 1eac.1fd0: PrivateBuild: 0SpecialBuild 1eac.1fd0: FileDescription: avast! Revert 1eac.1fd0: \SystemRoot\System32\drivers\aswSnx.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:55.497393200Z 1eac.1fd0: LastWriteTime: 2014-11-24T06:03:14.214882600Z 1eac.1fd0: ChangeTime: 2014-11-24T06:03:14.214882600Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x100740 1eac.1fd0: NT Headers: 0xf0 1eac.1fd0: Timestamp: 0x546f1f38 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x546f1f38 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0x104000 (1064960) 1eac.1fd0: Resource Dir: 0xfc000 LB 0x380 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.722 1eac.1fd0: FileVersion: 10.0.2208.722 1eac.1fd0: FileDescription: avast! Virtualization Driver 1eac.1fd0: \SystemRoot\System32\drivers\aswsp.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:55.114371300Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:55.558888300Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.950539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x6a990 1eac.1fd0: NT Headers: 0x100 1eac.1fd0: Timestamp: 0x545b7323 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b7323 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0x71000 (462848) 1eac.1fd0: Resource Dir: 0x6f000 LB 0x378 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: FileDescription: avast! self protection module 1eac.1fd0: \SystemRoot\System32\drivers\aswStm.sys: 1eac.1fd0: CreationTime: 2013-12-30T06:13:02.878184400Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:56.615948700Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.950539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x1c7f8 1eac.1fd0: NT Headers: 0x110 1eac.1fd0: Timestamp: 0x545b7364 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b7364 1eac.1fd0: Image Version: 6.2 1eac.1fd0: SizeOfImage: 0x1f000 (126976) 1eac.1fd0: Resource Dir: 0x1d000 LB 0x358 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: FileDescription: Stream Filter 1eac.1fd0: \SystemRoot\System32\drivers\aswVmm.sys: 1eac.1fd0: CreationTime: 2013-11-07T06:17:55.938418400Z 1eac.1fd0: LastWriteTime: 2014-11-21T10:26:55.808902600Z 1eac.1fd0: ChangeTime: 2014-11-21T10:27:06.950539800Z 1eac.1fd0: FileAttributes: 0x20 1eac.1fd0: Size: 0x41570 1eac.1fd0: NT Headers: 0xf0 1eac.1fd0: Timestamp: 0x545b6f4b 1eac.1fd0: Machine: 0x8664 - amd64 1eac.1fd0: Timestamp: 0x545b6f4b 1eac.1fd0: Image Version: 6.0 1eac.1fd0: SizeOfImage: 0x43000 (274432) 1eac.1fd0: Resource Dir: 0x40000 LB 0x470 1eac.1fd0: ProductName: Avast Antivirus 1eac.1fd0: ProductVersion: 10.0.2208.712 1eac.1fd0: FileVersion: 10.0.2208.712 1eac.1fd0: SpecialBuild: feb2012 1eac.1fd0: PrivateBuild: 0SpecialBuild 1eac.1fd0: FileDescription: avast! VM Monitor 1eac.1fd0: Calling main() 1eac.1fd0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1eac.1fd0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1eac.1fd0: SUPR3HardenedMain: Final process, opening VBoxDrv... 1eac.1fd0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000270000 LB 0x400000) 1eac.1fd0: supR3HardNtEnableThreadCreation: 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007242f0:C:\Windows\system32 [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefc3d0000 LB 0x00004000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007242f0:C:\Windows\system32 [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd5f0000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdb40000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd6d0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd4b0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007feff750000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5f0000 'C:\Windows\system32\Wintrust.dll' 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefcdd0000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\CRYPTSP.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefc9a0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9a0000 'C:\Windows\system32\rsaenh.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007feff5d0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\sechost.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefe350000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5d0000 'C:\Windows\system32\ADVAPI32.dll' 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd340000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd340000 'C:\Windows\system32\CRYPTBASE.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774c0000 'C:\Windows\system32\kernel32.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5f0000 'C:\Windows\system32\WINTRUST.DLL' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6d0000 'C:\Windows\system32\CRYPT32.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007feff880000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imagehlp.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinReInstallHooks: Reinstalling NtCreateSection (0000000077731750: e9 bb eb a2 88 3f 01 00 00 00 ff e0 1f 44 00 00). 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff880000 'C:\Windows\system32\imagehlp.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\CRYPTSP.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\user32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume3\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\lpk.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\lpk.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume3\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\usp10.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\usp10.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 00000000775e0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefe370000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdbe0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\lpk.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdd70000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\usp10.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe370000 'C:\Windows\system32\gdi32.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imm32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msctf.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdb10000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdc60000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb10000 'C:\Windows\system32\IMM32.DLL' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775e0000 'C:\Windows\system32\USER32.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ncrypt.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ncrypt.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefce20000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefcdf0000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce20000 'C:\Windows\system32\ncrypt.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefc8e0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8e0000 'C:\Windows\system32\bcryptprimitives.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdf0000 'C:\Windows\system32\bcrypt.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\profapi.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd840000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefd4a0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd840000 'C:\Windows\system32\USERENV.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-SDDL-L1-1-0.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-SDDL-L1-1-0.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefc760000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc760000 'C:\Windows\system32\GPAPI.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-WIN-Service-Management-L1-1-0.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff750000 'C:\Windows\system32\rpcrt4.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-WIN-Service-Management-L2-1-0.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-SDDL-L1-1-0.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\Wldap32.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Wldap32.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fef9d70000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007fefdc00000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\Wldap32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9d70000 'C:\Windows\system32\cryptnet.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-SDDL-L1-1-0.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4a0000 'C:\Windows\system32\profapi.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1eac.1fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 1eac.1fd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll) 1eac.1fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1eac.1fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1eac.1fd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedDllNotificationCallback: load 000007feff8f0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0] 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8f0000 'C:\Windows\system32\SHLWAPI.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-SDDL-L1-1-0.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-WIN-Service-Management-L1-1-0.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-WIN-Service-winsvc-L1-1-0.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5d0000 'C:\Windows\system32\ADVAPI32.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-LSALookup-L1-1-0.dll' 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007249b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\SysWOW64;C:\Program Files\Java\jdk1.7.0_45\bin;C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.4.3\Doctrine extensions for PHP\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\ [calling] 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe350000 'API-MS-Win-Security-LSALookup-L1-1-0.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: g_pfnWinVerifyTrust=000007fefd5f1010 1eac.1fd0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust] 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume3\Windows\System32\crypt32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' 1eac.1fd0: Error (rc=0): 1eac.1fd0: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume3\Windows\System32\crypt32.dll 1eac.1fd0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust] 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume3\Windows\System32\wintrust.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll' 1eac.1fd0: Error (rc=0): 1eac.1fd0: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume3\Windows\System32\wintrust.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume3\Windows\System32\shlwapi.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume3\Windows\System32\Wldap32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Wldap32.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000260 pwszName=\Device\HarddiskVolume3\Windows\System32\gpapi.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume3\Windows\System32\profapi.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume3\Windows\System32\userenv.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume3\Windows\System32\bcrypt.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume3\Windows\System32\ncrypt.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume3\Windows\System32\msctf.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume3\Windows\System32\imm32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume3\Windows\System32\usp10.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\usp10.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume3\Windows\System32\lpk.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\lpk.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume3\Windows\System32\gdi32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume3\Windows\System32\user32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume3\Windows\System32\imagehlp.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptbase.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume3\Windows\System32\sechost.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume3\Windows\System32\advapi32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptsp.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume3\Windows\System32\msvcrt.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume3\Windows\System32\msasn1.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume3\Windows\System32\KernelBase.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll' 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume3\Windows\System32\kernel32.dll 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000765940 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783) 1eac.1fd0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900) 1eac.1fd0: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll' 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll 1eac.1fd0: Error (rc=0): 1eac.1fd0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume3\Windows\System32\crypt32.dll 1eac.1fd0: Error (rc=0): 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190 1eac.1fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll' 1eac.1fd0: Fatal error: 1eac.1fd0: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll] 1dbc.1dc4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 433 ms, the end); 1fb8.1a6c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1060 ms, the end);