Ticket #13580: VBoxStartup.2.log

File VBoxStartup.2.log, 346.4 KB (added by Frank Breitling, 9 years ago)

Line
1	1ab0.c84: Log file opened: 5.0.0r101573 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2	1ab0.c84: \SystemRoot\System32\ntdll.dll:
3	1ab0.c84: CreationTime: 2015-06-09T21:45:47.268968200Z
4	1ab0.c84: LastWriteTime: 2015-05-25T18:21:21.289963400Z
5	1ab0.c84: ChangeTime: 2015-06-11T18:22:33.480821100Z
6	1ab0.c84: FileAttributes: 0x20
7	1ab0.c84: Size: 0x1a61c0
8	1ab0.c84: NT Headers: 0xe0
9	1ab0.c84: Timestamp: 0x556366f2
10	1ab0.c84: Machine: 0x8664 - amd64
11	1ab0.c84: Timestamp: 0x556366f2
12	1ab0.c84: Image Version: 6.1
13	1ab0.c84: SizeOfImage: 0x1a9000 (1740800)
14	1ab0.c84: Resource Dir: 0x14d000 LB 0x5a028
15	1ab0.c84: ProductName: Microsoft® Windows® Operating System
16	1ab0.c84: ProductVersion: 6.1.7601.18869
17	1ab0.c84: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
18	1ab0.c84: FileDescription: NT Layer DLL
19	1ab0.c84: \SystemRoot\System32\kernel32.dll:
20	1ab0.c84: CreationTime: 2015-06-09T21:45:49.707107700Z
21	1ab0.c84: LastWriteTime: 2015-05-25T18:19:02.585000000Z
22	1ab0.c84: ChangeTime: 2015-06-11T18:22:33.714821500Z
23	1ab0.c84: FileAttributes: 0x20
24	1ab0.c84: Size: 0x11be00
25	1ab0.c84: NT Headers: 0xe8
26	1ab0.c84: Timestamp: 0x556366fc
27	1ab0.c84: Machine: 0x8664 - amd64
28	1ab0.c84: Timestamp: 0x556366fc
29	1ab0.c84: Image Version: 6.1
30	1ab0.c84: SizeOfImage: 0x11f000 (1175552)
31	1ab0.c84: Resource Dir: 0x116000 LB 0x528
32	1ab0.c84: ProductName: Microsoft® Windows® Operating System
33	1ab0.c84: ProductVersion: 6.1.7601.18869
34	1ab0.c84: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
35	1ab0.c84: FileDescription: Windows NT BASE API Client DLL
36	1ab0.c84: \SystemRoot\System32\KernelBase.dll:
37	1ab0.c84: CreationTime: 2015-06-09T21:45:50.668162600Z
38	1ab0.c84: LastWriteTime: 2015-05-25T18:19:02.585000000Z
39	1ab0.c84: ChangeTime: 2015-06-11T18:22:33.714821500Z
40	1ab0.c84: FileAttributes: 0x20
41	1ab0.c84: Size: 0x67c00
42	1ab0.c84: NT Headers: 0xe8
43	1ab0.c84: Timestamp: 0x556366fd
44	1ab0.c84: Machine: 0x8664 - amd64
45	1ab0.c84: Timestamp: 0x556366fd
46	1ab0.c84: Image Version: 6.1
47	1ab0.c84: SizeOfImage: 0x6c000 (442368)
48	1ab0.c84: Resource Dir: 0x6a000 LB 0x530
49	1ab0.c84: ProductName: Microsoft® Windows® Operating System
50	1ab0.c84: ProductVersion: 6.1.7601.18869
51	1ab0.c84: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
52	1ab0.c84: FileDescription: Windows NT BASE API Client DLL
53	1ab0.c84: \SystemRoot\System32\apisetschema.dll:
54	1ab0.c84: CreationTime: 2015-06-09T21:45:40.574585300Z
55	1ab0.c84: LastWriteTime: 2015-05-25T18:11:40.254000000Z
56	1ab0.c84: ChangeTime: 2015-06-11T18:22:33.449621000Z
57	1ab0.c84: FileAttributes: 0x20
58	1ab0.c84: Size: 0x1a00
59	1ab0.c84: NT Headers: 0xc0
60	1ab0.c84: Timestamp: 0x55636622
61	1ab0.c84: Machine: 0x8664 - amd64
62	1ab0.c84: Timestamp: 0x55636622
63	1ab0.c84: Image Version: 6.1
64	1ab0.c84: SizeOfImage: 0x50000 (327680)
65	1ab0.c84: Resource Dir: 0x30000 LB 0x3f8
66	1ab0.c84: ProductName: Microsoft® Windows® Operating System
67	1ab0.c84: ProductVersion: 6.1.7601.18869
68	1ab0.c84: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
69	1ab0.c84: FileDescription: ApiSet Schema DLL
70	1ab0.c84: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71	1ab0.c84: supR3HardenedWinFindAdversaries: 0x0
72	1ab0.c84: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
73	1ab0.c84: Calling main()
74	1ab0.c84: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
75	1ab0.c84: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
76	1ab0.c84: SUPR3HardenedMain: Respawn #1
77	1ab0.c84: System32: \Device\HarddiskVolume2\WINDOWS\System32
78	1ab0.c84: WinSxS: \Device\HarddiskVolume2\WINDOWS\winsxs
79	1ab0.c84: KnownDllPath: C:\Windows\system32
80	1ab0.c84: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
81	1ab0.c84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
82	1ab0.c84: supR3HardNtEnableThreadCreation:
83	1ab0.c84: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077c9b780 pvNtTerminateThread=0000000077cbe0e0
84	1ab0.c84: supR3HardenedWinDoReSpawn(1): New child 1948.d38 [kernel32].
85	1ab0.c84: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdb000 cbPeb=0x380
86	1ab0.c84: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077c70000 uNtDllChildAddr=0000000077c70000
87	1ab0.c84: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077c9b780
88	1ab0.c84: supR3HardenedWinSetupChildInit: Start child.
89	1ab0.c84: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
90	1ab0.c84: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps
91	1ab0.c84: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
92	1ab0.c84: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
93	1ab0.c84: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
94	1ab0.c84: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
95	1ab0.c84: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
96	1ab0.c84: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
97	1ab0.c84: 0000000000041000-fffffffffff21fff 0x0001/0x0000 0x0000000
98	1ab0.c84: *0000000000160000-0000000000063fff 0x0000/0x0004 0x0020000
99	1ab0.c84: 000000000025c000-0000000000258fff 0x0104/0x0004 0x0020000
100	1ab0.c84: 000000000025f000-000000000025dfff 0x0004/0x0004 0x0020000
101	1ab0.c84: 0000000000260000-ffffffff8884ffff 0x0001/0x0000 0x0000000
102	1ab0.c84: *0000000077c70000-0000000077c70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
103	1ab0.c84: 0000000077c71000-0000000077d6efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
104	1ab0.c84: 0000000077d6f000-0000000077d9dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
105	1ab0.c84: 0000000077d9e000-0000000077da5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
106	1ab0.c84: 0000000077da6000-0000000077da6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
107	1ab0.c84: 0000000077da7000-0000000077da9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
108	1ab0.c84: 0000000077daa000-0000000077e18fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
109	1ab0.c84: 0000000077e19000-0000000070c51fff 0x0001/0x0000 0x0000000
110	1ab0.c84: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
111	1ab0.c84: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
112	1ab0.c84: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
113	1ab0.c84: 000000007fff0000-ffffffffc079ffff 0x0001/0x0000 0x0000000
114	1ab0.c84: *000000013f840000-000000013f840fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
115	1ab0.c84: 000000013f841000-000000013f8c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
116	1ab0.c84: 000000013f8c7000-000000013f8c7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
117	1ab0.c84: 000000013f8c8000-000000013f911fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
118	1ab0.c84: 000000013f912000-000000013f912fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
119	1ab0.c84: 000000013f913000-000000013f913fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
120	1ab0.c84: 000000013f914000-000000013f915fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
121	1ab0.c84: 000000013f916000-000000013f916fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
122	1ab0.c84: 000000013f917000-000000013f917fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
123	1ab0.c84: 000000013f918000-000000013f91bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
124	1ab0.c84: 000000013f91c000-000000013f965fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
125	1ab0.c84: 000000013f966000-fffff8037f33bfff 0x0001/0x0000 0x0000000
126	1ab0.c84: *000007fefff90000-000007fefff90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\apisetschema.dll
127	1ab0.c84: 000007fefff91000-000007fdfff71fff 0x0001/0x0000 0x0000000
128	1ab0.c84: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
129	1ab0.c84: 000007fffffd3000-000007fffffcafff 0x0001/0x0000 0x0000000
130	1ab0.c84: *000007fffffdb000-000007fffffd9fff 0x0004/0x0004 0x0020000
131	1ab0.c84: 000007fffffdc000-000007fffffd9fff 0x0001/0x0000 0x0000000
132	1ab0.c84: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
133	1ab0.c84: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
134	1ab0.c84: apisetschema.dll: timestamp 0x55636622 (rc=VINF_SUCCESS)
135	1ab0.c84: VirtualBox.exe: timestamp 0x559e485f (rc=VINF_SUCCESS)
136	1ab0.c84: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
137	1ab0.c84: '\Device\HarddiskVolume2\WINDOWS\System32\apisetschema.dll' has no imports
138	1ab0.c84: '\Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll' has no imports
139	1ab0.c84: supR3HardNtChildPurify: Done after 296 ms and 0 fixes (loop #0).
140	1ab0.c84: supR3HardNtEnableThreadCreation:
141	1948.d38: Log file opened: 5.0.0r101573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
142	1948.d38: supR3HardenedVmProcessInit: uNtDllAddr=0000000077c70000
143	1948.d38: ntdll.dll: timestamp 0x556366f2 (rc=VINF_SUCCESS)
144	1948.d38: New simple heap: #1 0000000000260000 LB 0x400000 (for 1740800 allocation)
145	1948.d38: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
146	1948.d38: System32: \Device\HarddiskVolume2\WINDOWS\System32
147	1948.d38: WinSxS: \Device\HarddiskVolume2\WINDOWS\winsxs
148	1948.d38: KnownDllPath: C:\Windows\system32
149	1948.d38: supR3HardenedVmProcessInit: Opening vboxdrv stub...
150	1948.d38: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
151	1948.d38: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
152	1948.d38: Registered Dll notification callback with NTDLL.
153	1948.d38: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll)
154	1948.d38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll
155	1948.d38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
156	1948.d38: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll [lacks WinVerifyTrust]
157	1948.d38: supR3HardenedDllNotificationCallback: load 0000000077b50000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
158	1948.d38: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll [lacks WinVerifyTrust]
159	1948.d38: supR3HardenedDllNotificationCallback: load 000007fefdd20000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
160	1948.d38: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll)
161	1948.d38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll
162	1948.d38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077b50000 'C:\Windows\system32\kernel32.dll'
163	1948.d38: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077c9b780 pvNtTerminateThread=0000000077cbe0e0
164	1ab0.c84: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 46 ms.
165	1948.d38: \SystemRoot\System32\ntdll.dll:
166	1948.d38: CreationTime: 2015-06-09T21:45:47.268968200Z
167	1948.d38: LastWriteTime: 2015-05-25T18:21:21.289963400Z
168	1948.d38: ChangeTime: 2015-06-11T18:22:33.480821100Z
169	1948.d38: FileAttributes: 0x20
170	1948.d38: Size: 0x1a61c0
171	1948.d38: NT Headers: 0xe0
172	1948.d38: Timestamp: 0x556366f2
173	1948.d38: Machine: 0x8664 - amd64
174	1948.d38: Timestamp: 0x556366f2
175	1948.d38: Image Version: 6.1
176	1948.d38: SizeOfImage: 0x1a9000 (1740800)
177	1948.d38: Resource Dir: 0x14d000 LB 0x5a028
178	1948.d38: ProductName: Microsoft® Windows® Operating System
179	1948.d38: ProductVersion: 6.1.7601.18869
180	1948.d38: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
181	1948.d38: FileDescription: NT Layer DLL
182	1948.d38: \SystemRoot\System32\kernel32.dll:
183	1948.d38: CreationTime: 2015-06-09T21:45:49.707107700Z
184	1948.d38: LastWriteTime: 2015-05-25T18:19:02.585000000Z
185	1948.d38: ChangeTime: 2015-06-11T18:22:33.714821500Z
186	1948.d38: FileAttributes: 0x20
187	1948.d38: Size: 0x11be00
188	1948.d38: NT Headers: 0xe8
189	1948.d38: Timestamp: 0x556366fc
190	1948.d38: Machine: 0x8664 - amd64
191	1948.d38: Timestamp: 0x556366fc
192	1948.d38: Image Version: 6.1
193	1948.d38: SizeOfImage: 0x11f000 (1175552)
194	1948.d38: Resource Dir: 0x116000 LB 0x528
195	1948.d38: ProductName: Microsoft® Windows® Operating System
196	1948.d38: ProductVersion: 6.1.7601.18869
197	1948.d38: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
198	1948.d38: FileDescription: Windows NT BASE API Client DLL
199	1948.d38: \SystemRoot\System32\KernelBase.dll:
200	1948.d38: CreationTime: 2015-06-09T21:45:50.668162600Z
201	1948.d38: LastWriteTime: 2015-05-25T18:19:02.585000000Z
202	1948.d38: ChangeTime: 2015-06-11T18:22:33.714821500Z
203	1948.d38: FileAttributes: 0x20
204	1948.d38: Size: 0x67c00
205	1948.d38: NT Headers: 0xe8
206	1948.d38: Timestamp: 0x556366fd
207	1948.d38: Machine: 0x8664 - amd64
208	1948.d38: Timestamp: 0x556366fd
209	1948.d38: Image Version: 6.1
210	1948.d38: SizeOfImage: 0x6c000 (442368)
211	1948.d38: Resource Dir: 0x6a000 LB 0x530
212	1948.d38: ProductName: Microsoft® Windows® Operating System
213	1948.d38: ProductVersion: 6.1.7601.18869
214	1948.d38: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
215	1948.d38: FileDescription: Windows NT BASE API Client DLL
216	1948.d38: \SystemRoot\System32\apisetschema.dll:
217	1948.d38: CreationTime: 2015-06-09T21:45:40.574585300Z
218	1948.d38: LastWriteTime: 2015-05-25T18:11:40.254000000Z
219	1948.d38: ChangeTime: 2015-06-11T18:22:33.449621000Z
220	1948.d38: FileAttributes: 0x20
221	1948.d38: Size: 0x1a00
222	1948.d38: NT Headers: 0xc0
223	1948.d38: Timestamp: 0x55636622
224	1948.d38: Machine: 0x8664 - amd64
225	1948.d38: Timestamp: 0x55636622
226	1948.d38: Image Version: 6.1
227	1948.d38: SizeOfImage: 0x50000 (327680)
228	1948.d38: Resource Dir: 0x30000 LB 0x3f8
229	1948.d38: ProductName: Microsoft® Windows® Operating System
230	1948.d38: ProductVersion: 6.1.7601.18869
231	1948.d38: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
232	1948.d38: FileDescription: ApiSet Schema DLL
233	1948.d38: NtOpenDirectoryObject failed on \Driver: 0xc0000022
234	1948.d38: supR3HardenedWinFindAdversaries: 0x0
235	1948.d38: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
236	1948.d38: Calling main()
237	1948.d38: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
238	1948.d38: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
239	1948.d38: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
240	1948.d38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
241	1948.d38: SUPR3HardenedMain: Respawn #2
242	1948.d38: supR3HardNtEnableThreadCreation:
243	1948.d38: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll)
244	1948.d38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll
245	1948.d38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
246	1948.d38: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll [lacks WinVerifyTrust]
247	1948.d38: supR3HardenedDllNotificationCallback: load 000007fefd860000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
248	1948.d38: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll [lacks WinVerifyTrust]
249	1948.d38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd860000 'C:\Windows\system32\apphelp.dll'
250	1948.d38: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077c9b780 pvNtTerminateThread=0000000077cbe0e0
251	1948.d38: supR3HardenedWinDoReSpawn(2): New child 1b0c.192c [kernel32].
252	1948.d38: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd5000 cbPeb=0x380
253	1948.d38: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077c70000 uNtDllChildAddr=0000000077c70000
254	1948.d38: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077c9b780
255	1948.d38: supR3HardenedWinSetupChildInit: Start child.
256	1948.d38: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
257	1948.d38: supR3HardNtChildPurify: Startup delay kludge #1/0: 257 ms, 32 sleeps
258	1948.d38: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
259	1948.d38: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
260	1948.d38: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
261	1948.d38: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
262	1948.d38: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
263	1948.d38: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
264	1948.d38: 0000000000041000-fffffffffff31fff 0x0001/0x0000 0x0000000
265	1948.d38: *0000000000150000-0000000000053fff 0x0000/0x0004 0x0020000
266	1948.d38: 000000000024c000-0000000000248fff 0x0104/0x0004 0x0020000
267	1948.d38: 000000000024f000-000000000024dfff 0x0004/0x0004 0x0020000
268	1948.d38: 0000000000250000-ffffffff8882ffff 0x0001/0x0000 0x0000000
269	1948.d38: *0000000077c70000-0000000077c70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
270	1948.d38: 0000000077c71000-0000000077d6efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
271	1948.d38: 0000000077d6f000-0000000077d9dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
272	1948.d38: 0000000077d9e000-0000000077da5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
273	1948.d38: 0000000077da6000-0000000077da6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
274	1948.d38: 0000000077da7000-0000000077da9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
275	1948.d38: 0000000077daa000-0000000077e18fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll
276	1948.d38: 0000000077e19000-0000000070c51fff 0x0001/0x0000 0x0000000
277	1948.d38: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
278	1948.d38: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
279	1948.d38: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
280	1948.d38: 000000007fff0000-ffffffffc079ffff 0x0001/0x0000 0x0000000
281	1948.d38: *000000013f840000-000000013f840fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
282	1948.d38: 000000013f841000-000000013f8c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
283	1948.d38: 000000013f8c7000-000000013f8c7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
284	1948.d38: 000000013f8c8000-000000013f911fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
285	1948.d38: 000000013f912000-000000013f912fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
286	1948.d38: 000000013f913000-000000013f913fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
287	1948.d38: 000000013f914000-000000013f915fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
288	1948.d38: 000000013f916000-000000013f916fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
289	1948.d38: 000000013f917000-000000013f917fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
290	1948.d38: 000000013f918000-000000013f91bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
291	1948.d38: 000000013f91c000-000000013f965fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
292	1948.d38: 000000013f966000-fffff8037f33bfff 0x0001/0x0000 0x0000000
293	1948.d38: *000007fefff90000-000007fefff90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\WINDOWS\System32\apisetschema.dll
294	1948.d38: 000007fefff91000-000007fdfff71fff 0x0001/0x0000 0x0000000
295	1948.d38: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
296	1948.d38: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
297	1948.d38: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
298	1948.d38: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
299	1948.d38: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
300	1948.d38: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
301	1948.d38: apisetschema.dll: timestamp 0x55636622 (rc=VINF_SUCCESS)
302	1948.d38: VirtualBox.exe: timestamp 0x559e485f (rc=VINF_SUCCESS)
303	1948.d38: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
304	1948.d38: '\Device\HarddiskVolume2\WINDOWS\System32\apisetschema.dll' has no imports
305	1948.d38: '\Device\HarddiskVolume2\WINDOWS\System32\ntdll.dll' has no imports
306	1948.d38: supR3HardNtChildPurify: Done after 296 ms and 0 fixes (loop #0).
307	1948.d38: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000260000 LB 0x400000)
308	1948.d38: supR3HardNtEnableThreadCreation:
309	1b0c.192c: Log file opened: 5.0.0r101573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
310	1b0c.192c: supR3HardenedVmProcessInit: uNtDllAddr=0000000077c70000
311	1b0c.192c: ntdll.dll: timestamp 0x556366f2 (rc=VINF_SUCCESS)
312	1b0c.192c: New simple heap: #1 0000000000250000 LB 0x400000 (for 1740800 allocation)
313	1b0c.192c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
314	1b0c.192c: System32: \Device\HarddiskVolume2\WINDOWS\System32
315	1b0c.192c: WinSxS: \Device\HarddiskVolume2\WINDOWS\winsxs
316	1b0c.192c: KnownDllPath: C:\Windows\system32
317	1b0c.192c: supR3HardenedVmProcessInit: Opening vboxdrv...
318	1b0c.192c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
319	1b0c.192c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
320	1b0c.192c: Registered Dll notification callback with NTDLL.
321	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll)
322	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll
323	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
324	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll [lacks WinVerifyTrust]
325	1b0c.192c: supR3HardenedDllNotificationCallback: load 0000000077b50000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
326	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll [lacks WinVerifyTrust]
327	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdd20000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
328	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll)
329	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll
330	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077b50000 'C:\Windows\system32\kernel32.dll'
331	1b0c.192c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077c9b780 pvNtTerminateThread=0000000077cbe0e0
332	1948.d38: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 39 ms.
333	1b0c.192c: \SystemRoot\System32\ntdll.dll:
334	1b0c.192c: CreationTime: 2015-06-09T21:45:47.268968200Z
335	1b0c.192c: LastWriteTime: 2015-05-25T18:21:21.289963400Z
336	1b0c.192c: ChangeTime: 2015-06-11T18:22:33.480821100Z
337	1b0c.192c: FileAttributes: 0x20
338	1b0c.192c: Size: 0x1a61c0
339	1b0c.192c: NT Headers: 0xe0
340	1b0c.192c: Timestamp: 0x556366f2
341	1b0c.192c: Machine: 0x8664 - amd64
342	1b0c.192c: Timestamp: 0x556366f2
343	1b0c.192c: Image Version: 6.1
344	1b0c.192c: SizeOfImage: 0x1a9000 (1740800)
345	1b0c.192c: Resource Dir: 0x14d000 LB 0x5a028
346	1b0c.192c: ProductName: Microsoft® Windows® Operating System
347	1b0c.192c: ProductVersion: 6.1.7601.18869
348	1b0c.192c: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
349	1b0c.192c: FileDescription: NT Layer DLL
350	1b0c.192c: \SystemRoot\System32\kernel32.dll:
351	1b0c.192c: CreationTime: 2015-06-09T21:45:49.707107700Z
352	1b0c.192c: LastWriteTime: 2015-05-25T18:19:02.585000000Z
353	1b0c.192c: ChangeTime: 2015-06-11T18:22:33.714821500Z
354	1b0c.192c: FileAttributes: 0x20
355	1b0c.192c: Size: 0x11be00
356	1b0c.192c: NT Headers: 0xe8
357	1b0c.192c: Timestamp: 0x556366fc
358	1b0c.192c: Machine: 0x8664 - amd64
359	1b0c.192c: Timestamp: 0x556366fc
360	1b0c.192c: Image Version: 6.1
361	1b0c.192c: SizeOfImage: 0x11f000 (1175552)
362	1b0c.192c: Resource Dir: 0x116000 LB 0x528
363	1b0c.192c: ProductName: Microsoft® Windows® Operating System
364	1b0c.192c: ProductVersion: 6.1.7601.18869
365	1b0c.192c: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
366	1b0c.192c: FileDescription: Windows NT BASE API Client DLL
367	1b0c.192c: \SystemRoot\System32\KernelBase.dll:
368	1b0c.192c: CreationTime: 2015-06-09T21:45:50.668162600Z
369	1b0c.192c: LastWriteTime: 2015-05-25T18:19:02.585000000Z
370	1b0c.192c: ChangeTime: 2015-06-11T18:22:33.714821500Z
371	1b0c.192c: FileAttributes: 0x20
372	1b0c.192c: Size: 0x67c00
373	1b0c.192c: NT Headers: 0xe8
374	1b0c.192c: Timestamp: 0x556366fd
375	1b0c.192c: Machine: 0x8664 - amd64
376	1b0c.192c: Timestamp: 0x556366fd
377	1b0c.192c: Image Version: 6.1
378	1b0c.192c: SizeOfImage: 0x6c000 (442368)
379	1b0c.192c: Resource Dir: 0x6a000 LB 0x530
380	1b0c.192c: ProductName: Microsoft® Windows® Operating System
381	1b0c.192c: ProductVersion: 6.1.7601.18869
382	1b0c.192c: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
383	1b0c.192c: FileDescription: Windows NT BASE API Client DLL
384	1b0c.192c: \SystemRoot\System32\apisetschema.dll:
385	1b0c.192c: CreationTime: 2015-06-09T21:45:40.574585300Z
386	1b0c.192c: LastWriteTime: 2015-05-25T18:11:40.254000000Z
387	1b0c.192c: ChangeTime: 2015-06-11T18:22:33.449621000Z
388	1b0c.192c: FileAttributes: 0x20
389	1b0c.192c: Size: 0x1a00
390	1b0c.192c: NT Headers: 0xc0
391	1b0c.192c: Timestamp: 0x55636622
392	1b0c.192c: Machine: 0x8664 - amd64
393	1b0c.192c: Timestamp: 0x55636622
394	1b0c.192c: Image Version: 6.1
395	1b0c.192c: SizeOfImage: 0x50000 (327680)
396	1b0c.192c: Resource Dir: 0x30000 LB 0x3f8
397	1b0c.192c: ProductName: Microsoft® Windows® Operating System
398	1b0c.192c: ProductVersion: 6.1.7601.18869
399	1b0c.192c: FileVersion: 6.1.7601.18869 (win7sp1_gdr.150525-0603)
400	1b0c.192c: FileDescription: ApiSet Schema DLL
401	1b0c.192c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
402	1b0c.192c: supR3HardenedWinFindAdversaries: 0x0
403	1b0c.192c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
404	1b0c.192c: Calling main()
405	1b0c.192c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
406	1b0c.192c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
407	1b0c.192c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
408	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
409	1b0c.192c: SUPR3HardenedMain: Final process, opening VBoxDrv...
410	1b0c.192c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000250000 LB 0x400000)
411	1b0c.192c: supR3HardNtEnableThreadCreation:
412	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
413	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
414	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4390:C:\Windows\system32 [calling]
415	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
416	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feec210000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
417	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
418	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
419	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
420	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec210000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
421	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
422	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
423	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec210000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
424	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec210000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
425	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
426	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
427	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
428	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
429	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll)
430	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll
431	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
432	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
433	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll)
434	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll
435	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
436	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll' [rcNtRedir=0xc0150008]
437	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll)
438	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll
439	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
440	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll' [rcNtRedir=0xc0150008]
441	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
442	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
443	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll)
444	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll
445	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
446	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
447	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll)
448	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll
449	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
450	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll' [rcNtRedir=0xc0150008]
451	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll [lacks WinVerifyTrust]
452	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
453	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
454	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
455	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4390:C:\Windows\system32 [calling]
456	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll [lacks WinVerifyTrust]
457	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdb30000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
458	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll [lacks WinVerifyTrust]
459	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdde0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
460	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
461	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdba0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
462	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll [lacks WinVerifyTrust]
463	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefda30000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
464	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll [lacks WinVerifyTrust]
465	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe370000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
466	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
467	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\Wintrust.dll'
468	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll)
469	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll
470	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000839b60:C:\Windows\system32 [calling]
471	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll [lacks WinVerifyTrust]
472	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd3e0000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
473	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll [lacks WinVerifyTrust]
474	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3e0000 'C:\Windows\system32\bcrypt.dll'
475	1b0c.192c: bcrypt.dll loaded at 000007fefd3e0000, BCryptOpenAlgorithmProvider at 000007fefd3e2640, preloading providers:
476	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
477	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
478	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\bcryptprimitives.dll)
479	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\bcryptprimitives.dll
480	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
481	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
482	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll [lacks WinVerifyTrust]
483	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
484	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
485	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
486	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
487	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll)
488	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
489	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
490	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
491	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
492	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
493	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
494	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
495	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
496	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
497	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefcef0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
498	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
499	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feffa90000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
500	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll [lacks WinVerifyTrust]
501	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
502	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
503	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\sechost.dll)
504	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\sechost.dll
505	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefeb00000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
506	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\sechost.dll [lacks WinVerifyTrust]
507	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\bcryptprimitives.dll'
508	1b0c.192c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000083b240)
509	1b0c.192c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000083ca20)
510	1b0c.192c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000083dcb0)
511	1b0c.192c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000083e420)
512	1b0c.192c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000083e540)
513	1b0c.192c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000083e660)
514	1b0c.192c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000083e8a0)
515	1b0c.192c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000083e9c0)
516	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll)
517	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll
518	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
519	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
520	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
521	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
522	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
523	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
524	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
525	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll [lacks WinVerifyTrust]
526	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd440000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
527	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll [lacks WinVerifyTrust]
528	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd440000 'C:\Windows\system32\CRYPTSP.dll'
529	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
530	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\rsaenh.dll)
531	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\rsaenh.dll
532	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
533	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
534	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
535	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
536	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\rsaenh.dll [lacks WinVerifyTrust]
537	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefcfa0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
538	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\rsaenh.dll [lacks WinVerifyTrust]
539	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfa0000 'C:\Windows\system32\rsaenh.dll'
540	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll [lacks WinVerifyTrust]
541	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
542	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\ADVAPI32.dll'
543	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll)
544	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll
545	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
546	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll [lacks WinVerifyTrust]
547	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
548	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll [lacks WinVerifyTrust]
549	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\CRYPTBASE.dll'
550	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll [lacks WinVerifyTrust]
551	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
552	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077b50000 'C:\Windows\system32\kernel32.dll'
553	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll [lacks WinVerifyTrust]
554	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
555	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\WINTRUST.DLL'
556	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll [lacks WinVerifyTrust]
557	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
558	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\CRYPT32.dll'
559	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
560	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
561	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll)
562	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll
563	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
564	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
565	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll [lacks WinVerifyTrust]
566	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
567	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
568	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
569	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
570	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll [lacks WinVerifyTrust]
571	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feffc80000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
572	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll [lacks WinVerifyTrust]
573	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffc80000 'C:\Windows\system32\imagehlp.dll'
574	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll [lacks WinVerifyTrust]
575	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
576	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd440000 'C:\Windows\system32\CRYPTSP.dll'
577	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
578	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\user32.dll)
579	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\user32.dll
580	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
581	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
582	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
583	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
584	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll)
585	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll
586	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
587	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\lpk.dll' [rcNtRedir=0xc0150008]
588	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
589	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
590	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
591	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\lpk.dll)
592	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\lpk.dll
593	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
594	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
595	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
596	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
597	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\usp10.dll' [rcNtRedir=0xc0150008]
598	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
599	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
600	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
601	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\usp10.dll)
602	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\usp10.dll
603	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
604	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
605	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
606	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
607	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
608	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
609	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
610	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
611	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
612	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
613	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
614	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
615	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
616	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
617	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
618	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
619	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
620	1b0c.192c: supR3HardenedDllNotificationCallback: load 0000000077a50000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
621	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
622	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe570000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
623	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
624	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefeaf0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
625	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\lpk.dll [lacks WinVerifyTrust]
626	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe2a0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
627	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\usp10.dll [lacks WinVerifyTrust]
628	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
629	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
630	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
631	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
632	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
633	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
634	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll)
635	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll
636	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
637	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msctf.dll' [rcNtRedir=0xc0150008]
638	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
639	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
640	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
641	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
642	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\msctf.dll)
643	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\msctf.dll
644	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
645	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
646	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
647	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
648	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
649	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
650	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
651	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll' [rcNtRedir=0xc0150008]
652	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll [lacks WinVerifyTrust]
653	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
654	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
655	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
656	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
657	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
658	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
659	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
660	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
661	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
662	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
663	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll [lacks WinVerifyTrust]
664	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feffc50000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
665	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll [lacks WinVerifyTrust]
666	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe090000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
667	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msctf.dll [lacks WinVerifyTrust]
668	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffc50000 'C:\Windows\system32\IMM32.DLL'
669	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.dll'
670	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
671	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
672	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
673	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll)
674	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll
675	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
676	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll' [rcNtRedir=0xc0150008]
677	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll [lacks WinVerifyTrust]
678	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
679	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
680	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
681	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
682	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
683	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll [lacks WinVerifyTrust]
684	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
685	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll [lacks WinVerifyTrust]
686	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd310000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
687	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll [lacks WinVerifyTrust]
688	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd310000 'C:\Windows\system32\ncrypt.dll'
689	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll [lacks WinVerifyTrust]
690	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
691	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3e0000 'C:\Windows\system32\bcrypt.dll'
692	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
693	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
694	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
695	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\userenv.dll)
696	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\userenv.dll
697	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
698	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\profapi.dll' [rcNtRedir=0xc0150008]
699	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
700	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\profapi.dll)
701	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\profapi.dll
702	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
703	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
704	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
705	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
706	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
707	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
708	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
709	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
710	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
711	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
712	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\userenv.dll [lacks WinVerifyTrust]
713	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdb00000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
714	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\userenv.dll [lacks WinVerifyTrust]
715	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefda20000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
716	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\profapi.dll [lacks WinVerifyTrust]
717	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb00000 'C:\Windows\system32\USERENV.dll'
718	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
719	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
720	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
721	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
722	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
723	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
724	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll)
725	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll
726	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
727	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
728	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
729	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
730	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
731	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
732	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
733	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll [lacks WinVerifyTrust]
734	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefccd0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
735	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll [lacks WinVerifyTrust]
736	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccd0000 'C:\Windows\system32\GPAPI.dll'
737	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
738	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-WIN-Service-Management-L1-1-0.dll'
739	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll [lacks WinVerifyTrust]
740	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
741	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe370000 'C:\Windows\system32\rpcrt4.dll'
742	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
743	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-WIN-Service-Management-L2-1-0.dll'
744	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
745	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
746	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
747	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
748	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
749	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
750	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll)
751	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll
752	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
753	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\wldap32.dll' [rcNtRedir=0xc0150008]
754	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
755	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll)
756	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll
757	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
758	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll' [rcNtRedir=0xc0150008]
759	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll [lacks WinVerifyTrust]
760	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
761	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
762	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll [lacks WinVerifyTrust]
763	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
764	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
765	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
766	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
767	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
768	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
769	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
770	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
771	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fef7a40000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
772	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
773	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe1a0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
774	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll [lacks WinVerifyTrust]
775	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
776	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
777	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
778	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
779	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
780	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
781	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
782	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
783	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
784	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
785	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
786	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
787	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
788	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
789	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
790	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
791	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
792	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
793	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
794	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
795	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
796	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
797	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
798	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
799	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
800	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
801	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
802	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
803	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
804	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll [lacks WinVerifyTrust]
805	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7a40000 'C:\Windows\system32\cryptnet.dll'
806	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
807	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
808	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\profapi.dll [lacks WinVerifyTrust]
809	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
810	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda20000 'C:\Windows\system32\profapi.dll'
811	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
812	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
813	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
814	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll)
815	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll
816	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
817	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
818	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll [lacks WinVerifyTrust]
819	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
820	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
821	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll [lacks WinVerifyTrust]
822	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
823	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
824	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll [lacks WinVerifyTrust]
825	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
826	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll [lacks WinVerifyTrust]
827	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe4a0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
828	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll [lacks WinVerifyTrust]
829	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe4a0000 'C:\Windows\system32\SHLWAPI.dll'
830	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
831	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000860f20
832	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
833	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EDC3F71C5551972E1510D1BCC6D436D5B6B426E8
834	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
835	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
836	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
837	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-WIN-Service-Management-L1-1-0.dll'
838	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
839	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
840	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll [lacks WinVerifyTrust]
841	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
842	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\ADVAPI32.dll'
843	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
844	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
845	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
846	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb00000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
847	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\SystemRoot\System32\ntdll.dll'
848	1b0c.192c: g_pfnWinVerifyTrust=000007fefdb31010
849	1b0c.192c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll [redoing WinVerifyTrust]
850	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll
851	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
852	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
853	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
854	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll'
855	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
856	1b0c.192c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll'
857	1b0c.192c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll [redoing WinVerifyTrust]
858	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll
859	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
860	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
861	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
862	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll'
863	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
864	1b0c.192c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll'
865	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003bc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll
866	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
867	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
868	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
869	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll'
870	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
871	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll'
872	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll
873	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
874	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
875	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
876	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll'
877	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
878	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\Wldap32.dll'
879	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll
880	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
881	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
882	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=756DC088EE40CF9369C990D71B200F3CB59FC35D
883	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll'
884	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
885	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\cryptnet.dll'
886	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000026c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll
887	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
888	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
889	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
890	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll'
891	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
892	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\gpapi.dll'
893	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\profapi.dll
894	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
895	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
896	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
897	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\profapi.dll'
898	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
899	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\profapi.dll'
900	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\userenv.dll
901	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
902	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
903	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
904	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\userenv.dll'
905	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
906	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\userenv.dll'
907	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll
908	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
909	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
910	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=327561BCBADC135831FD13C5C67C5E26F4E2B805
911	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll'
912	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
913	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\ncrypt.dll'
914	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\msctf.dll
915	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
916	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
917	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
918	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\msctf.dll'
919	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
920	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\msctf.dll'
921	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll
922	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
923	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
924	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
925	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll'
926	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
927	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll'
928	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\usp10.dll
929	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
930	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
931	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
932	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\usp10.dll'
933	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
934	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\usp10.dll'
935	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\lpk.dll
936	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
937	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
938	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DF72C9DFDFB7D1CBA26FE4829B56F7B244C8A875
939	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3079904~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\lpk.dll'
940	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
941	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\lpk.dll'
942	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll
943	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
944	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
945	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB178841F5FFC6B05E668168217B0AC222A62955
946	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll'
947	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
948	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll'
949	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\user32.dll
950	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
951	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
952	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
953	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\user32.dll'
954	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
955	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll'
956	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll
957	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
958	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
959	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
960	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll'
961	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
962	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\imagehlp.dll'
963	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll
964	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
965	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
966	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=950A18CED6C5D5CAB1335676119FFFE11307EF04
967	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll'
968	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
969	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll'
970	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\rsaenh.dll'
971	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll
972	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
973	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
974	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
975	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll'
976	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
977	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll'
978	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\sechost.dll
979	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
980	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
981	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
982	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\sechost.dll'
983	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
984	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\sechost.dll'
985	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
986	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
987	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
988	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9BBB1FC4DED54F17702B287B63F8FE24EE5D7844
989	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll'
990	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
991	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll'
992	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\bcryptprimitives.dll'
993	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll
994	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
995	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
996	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
997	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll'
998	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
999	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\bcrypt.dll'
1000	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll
1001	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1002	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1003	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
1004	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll'
1005	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1006	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll'
1007	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll
1008	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1009	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1010	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1011	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll'
1012	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1013	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\msasn1.dll'
1014	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll
1015	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1016	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1017	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E38DB7758ACD985E98AD6101CED724203843D038
1018	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll'
1019	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1020	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll'
1021	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1022	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll
1023	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1024	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1025	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FD34F960ED54F1FB26E76A32FB91273E3093869E
1026	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll'
1027	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1028	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\KernelBase.dll'
1029	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll
1030	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1031	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1032	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1C47BBB61CB0D4D781B3BEC602422D40A0784762
1033	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll'
1034	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1035	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll'
1036	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll
1037	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000027813c0:C:\Windows\system32 [calling]
1038	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\crypt32.dll'
1039	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1040	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1041	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1042	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1043	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1044	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1045	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1046	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1047	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1048	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1049	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1050	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1051	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1052	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1053	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1054	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1055	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
1056	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1057	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1058	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1059	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1060	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1061	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1062	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1063	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1064	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1065	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1066	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
1067	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1068	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1069	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1070	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1071	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1072	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
1073	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1074	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1075	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
1076	1b0c.192c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1077	1b0c.192c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=38
1078	1b0c.192c: SUPR3HardenedMain: Load Runtime...
1079	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1080	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1081	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1082	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1083	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
1084	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1085	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1086	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1087	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll
1088	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1089	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1090	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1091	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1092	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1093	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1094	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll'
1095	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1096	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1097	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1098	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1099	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll)WinVerifyTrust
1100	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1101	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1102	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1103	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1104	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
1105	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1106	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1107	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1108	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
1109	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1110	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1111	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1112	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1113	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1114	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\nsi.dll' [rcNtRedir=0xc0150008]
1115	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000464 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\nsi.dll
1116	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1117	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1118	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1119	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\nsi.dll'
1120	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1121	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\nsi.dll)WinVerifyTrust
1122	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\nsi.dll
1123	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1124	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1125	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll
1126	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1127	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1128	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll
1129	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1130	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1131	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fee4dd0000 LB 0x00543000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1132	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1133	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1134	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005dce0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1135	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1136	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1137	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005dc40000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1138	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1139	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe520000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1140	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1141	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefff70000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1142	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\nsi.dll
1143	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1144	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1145	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1146	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1147	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1148	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1149	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1150	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1151	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1152	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1153	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1154	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1155	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1156	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1157	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1158	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1159	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1160	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1161	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1162	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1163	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1164	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1165	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1166	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1167	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1168	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1169	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1170	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1171	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1172	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1173	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1174	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1175	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1176	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1177	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1178	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1179	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1180	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1181	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1182	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1183	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1184	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1185	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1186	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1187	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c4cb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;U:\Windows\software\MPlayer;C:\Program Files (x86)\Skype\Phone\;U:\Windows\software\ffmpeg-20150803-git-5750d6c-win64-static\bin;U:\Windows\software\libav-i686-w64-mingw32-11.2\usr\bin;U:\Windows\software\MPlayer-extra [calling]
1188	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1189	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1190	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1191	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4dd0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1192	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll
1193	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002781200:C:\Windows\system32 [calling]
1194	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\Wintrust.dll'
1195	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\crypt32.dll
1196	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002781200:C:\Windows\system32 [calling]
1197	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\crypt32.dll'
1198	1b0c.192c: SUPR3HardenedMain: Load TrustedMain...
1199	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1200	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1201	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1202	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1203	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1204	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
1205	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
1206	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
1207	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
1208	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
1209	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1210	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1211	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1212	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1213	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
1214	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
1215	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
1216	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1217	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1218	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\winmm.dll' [rcNtRedir=0xc0150008]
1219	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004bc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1220	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1221	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1222	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1223	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\winmm.dll'
1224	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1225	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1226	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1227	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\winmm.dll)WinVerifyTrust
1228	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1229	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1230	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1231	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll
1232	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1233	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1234	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
1235	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll'
1236	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1237	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1238	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1239	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1240	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1241	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1242	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1243	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll)WinVerifyTrust
1244	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll
1245	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1246	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1247	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1248	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1249	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1250	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8A837B0D823EB506C6A4C447C1962174D27ED954
1251	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll'
1252	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1253	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1254	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1255	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1256	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1257	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1258	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll)WinVerifyTrust
1259	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1260	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1261	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1262	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1263	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1264	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1265	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E93C1851E5754D607F55581B4DE2A30B711C830
1266	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll'
1267	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1268	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1269	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1270	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1271	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1272	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll)WinVerifyTrust
1273	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1274	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1275	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll' [rcNtRedir=0xc0150008]
1276	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1277	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1278	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1279	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0ED534A13973A0F8A98CD4EDC6CBC56E0448E994
1280	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3039066~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll'
1281	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1282	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1283	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1284	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1285	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1286	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll)WinVerifyTrust
1287	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1288	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1289	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1290	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
1291	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1292	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1293	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll
1294	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1295	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1296	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1297	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1298	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1299	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1300	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1301	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1302	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1303	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1304	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
1305	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1306	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
1307	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
1308	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
1309	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
1310	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
1311	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
1312	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1313	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1314	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1315	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1316	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1317	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1318	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1319	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1320	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1321	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1322	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1323	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1324	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1325	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1326	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1327	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1328	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
1329	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1330	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1331	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1332	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1333	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1334	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1335	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1336	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1337	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1338	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
1339	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1340	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1341	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1342	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1343	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1344	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1345	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1346	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1347	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1348	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1349	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1350	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000500 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1351	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1352	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1353	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1354	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll'
1355	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1356	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1357	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1358	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1359	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1360	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1361	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1362	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll)WinVerifyTrust
1363	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1364	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1365	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1366	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1367	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1368	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll
1369	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1370	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1371	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1372	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll'
1373	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1374	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1375	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1376	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1377	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1378	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1379	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1380	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll)WinVerifyTrust
1381	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll
1382	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1383	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\glu32.dll' [rcNtRedir=0xc0150008]
1384	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\glu32.dll
1385	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1386	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1387	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1388	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\glu32.dll'
1389	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1390	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1391	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1392	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1393	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\glu32.dll)WinVerifyTrust
1394	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\glu32.dll
1395	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1396	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1397	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1398	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1399	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
1400	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1401	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1402	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1403	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1404	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1405	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1406	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1407	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1408	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1409	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1410	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1411	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1412	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1413	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
1414	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1415	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1416	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1417	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1418	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1419	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1420	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1421	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1422	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1423	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1424	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1425	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1426	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1427	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1428	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1429	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll' [rcNtRedir=0xc0150008]
1430	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1431	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1432	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1433	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1434	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1435	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1436	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1437	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1438	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1439	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\WINDOWS\System32\winspool.drv' [rcNtRedir=0xc0150008]
1440	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\winspool.drv
1441	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1442	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1443	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
1444	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\winspool.drv'
1445	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1446	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1447	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1448	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1449	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\winspool.drv)WinVerifyTrust
1450	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\winspool.drv
1451	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1452	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\winmm.dll' [rcNtRedir=0xc0150008]
1453	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1454	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1455	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\imm32.dll' [rcNtRedir=0xc0150008]
1456	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll
1457	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1458	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1459	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1460	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1461	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1462	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll
1463	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1464	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1465	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1466	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1467	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1468	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1469	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1470	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1471	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1472	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1473	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1474	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1475	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1476	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1477	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1478	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1479	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1480	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1481	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1482	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1483	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1484	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1485	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1486	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1487	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1488	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1489	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1490	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1491	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1492	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1493	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1494	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1495	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1496	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll
1497	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1498	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1499	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1500	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1501	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1502	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1503	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1504	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1505	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1506	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1507	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1508	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1509	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1510	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1511	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll
1512	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1513	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1514	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1515	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1516	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1517	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1518	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1519	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1520	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll' [rcNtRedir=0xc0150008]
1521	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1522	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1523	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\comctl32.dll' [rcNtRedir=0x0]
1524	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\comctl32.dll
1525	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1526	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1527	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
1528	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\comctl32.dll'
1529	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1530	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1531	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1532	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1533	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\comctl32.dll)WinVerifyTrust
1534	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\comctl32.dll
1535	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1536	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1537	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1538	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1539	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1540	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1541	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll
1542	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1543	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1544	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1545	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1546	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1547	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1548	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1549	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1550	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1551	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1552	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll
1553	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1554	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1555	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1556	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1557	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1558	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1559	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1560	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1561	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1562	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1563	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1564	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1565	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1566	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1567	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1568	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1569	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1570	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000510 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
1571	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1572	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1573	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C408F88301F22BE596490B4A80BD2E09034763B4
1574	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3048761~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll'
1575	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1576	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1577	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1578	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1579	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll)WinVerifyTrust
1580	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
1581	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1582	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1583	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000518 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll
1584	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1585	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1586	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1587	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll'
1588	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1589	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
1590	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
1591	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1592	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1593	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1594	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1595	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
1596	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll)WinVerifyTrust
1597	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll
1598	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1599	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1600	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1601	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1602	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000051c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll
1603	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1604	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1605	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8C9D8A0CA28E607D6CBDB572E9C7896DA20280E0
1606	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3079904~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll'
1607	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1608	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1609	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1610	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1611	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll)WinVerifyTrust
1612	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll
1613	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1614	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1615	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1616	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1617	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1618	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1619	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1620	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1621	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1622	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1623	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1624	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\devobj.dll' [rcNtRedir=0xc0150008]
1625	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\devobj.dll
1626	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1627	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1628	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1629	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\devobj.dll'
1630	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1631	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1632	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
1633	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\devobj.dll)WinVerifyTrust
1634	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\devobj.dll
1635	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1636	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1637	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1638	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1639	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1640	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1641	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1642	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1643	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1644	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1645	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1646	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1647	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1648	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000534 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll
1649	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1650	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1651	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1652	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll'
1653	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1654	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1655	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
1656	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1657	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll)WinVerifyTrust
1658	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll
1659	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1660	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1661	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1662	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1663	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1664	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1665	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1666	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1667	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1668	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1669	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1670	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1671	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1672	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1673	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll
1674	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1675	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1676	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1677	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1678	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fee4320000 LB 0x00ab0000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1679	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1680	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1681	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fee4200000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1682	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1683	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\glu32.dll
1684	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feec1e0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1685	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\glu32.dll
1686	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll
1687	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefae10000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1688	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ddraw.dll
1689	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll
1690	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefb110000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1691	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dciman32.dll
1692	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefeb20000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
1693	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll
1694	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdda0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1695	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\cfgmgr32.dll
1696	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feffb70000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1697	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1698	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe5e0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1699	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1700	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefdae0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1701	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\devobj.dll
1702	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
1703	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefbb10000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1704	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
1705	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1706	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005d960000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
1707	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1708	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1709	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005cff0000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
1710	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1711	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefea50000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
1712	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\comdlg32.dll
1713	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1714	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1715	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1716	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
1717	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
1718	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fef6d20000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
1719	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
1720	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefed00000 LB 0x00d89000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1721	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1722	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1723	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefbcd0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
1724	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1725	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winspool.drv
1726	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefb4a0000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
1727	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winspool.drv
1728	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1729	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005cee0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
1730	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1731	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1732	1b0c.192c: supR3HardenedDllNotificationCallback: load 000000005ce00000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
1733	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1734	1b0c.192c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
1735	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
1736	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\imm32.dll
1737	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1738	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1739	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1740	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1741	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1742	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1743	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e4e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1744	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffc50000 'C:\Windows\system32\imm32.dll'
1745	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4320000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
1746	1b0c.192c: SUPR3HardenedMain: Calling TrustedMain (000007fee4321770)...
1747	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\winmm.dll
1748	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1749	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbcd0000 'C:\Windows\system32\winmm.dll'
1750	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005c8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1751	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1752	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1753	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
1754	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll'
1755	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1756	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1757	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1758	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1759	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll)WinVerifyTrust
1760	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1761	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1762	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1763	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1764	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1765	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1766	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1767	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002820860:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1768	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1769	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefbfc0000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1770	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1771	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1772	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1773	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002820860:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1774	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1775	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1776	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002821570:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1777	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1778	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1779	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002821570:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1780	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1781	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
1782	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1783	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbb10000 'C:\Windows\system32\dwmapi.dll'
1784	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\cryptbase.dll
1785	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1786	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\CRYPTBASE.dll'
1787	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1788	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1789	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed00000 'C:\Windows\system32\shell32.dll'
1790	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll
1791	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1792	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077b50000 'C:\Windows\system32\kernel32.dll'
1793	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1794	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1795	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1796	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1797	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1798	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1799	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
1800	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1801	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
1802	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\user32.dll'
1803	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\uxtheme.dll
1804	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1805	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\Windows\system32\uxtheme.dll'
1806	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\user32.dll'
1807	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\advapi32.dll'
1808	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\userenv.dll
1809	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1810	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb00000 'C:\Windows\system32\userenv.dll'
1811	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\kernel32.dll
1812	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1813	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077b50000 'C:\Windows\system32\kernel32.dll'
1814	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000061c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll
1815	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1816	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1817	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
1818	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll'
1819	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1820	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1821	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1822	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1823	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1824	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
1825	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
1826	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll)WinVerifyTrust
1827	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll
1828	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1829	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1830	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1831	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1832	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1833	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1834	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1835	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1836	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
1837	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1838	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1839	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1840	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1841	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1842	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll
1843	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e0f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1844	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll
1845	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefe200000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
1846	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\clbcatq.dll
1847	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe200000 'C:\Windows\system32\CLBCatQ.DLL'
1848	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\ADVAPI32.dll'
1849	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\cryptsp.dll
1850	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e840:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1851	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd440000 'C:\Windows\system32\CRYPTSP.dll'
1852	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000063c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll
1853	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1854	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1855	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
1856	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll'
1857	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1858	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
1859	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll)WinVerifyTrust
1860	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll
1861	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1862	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1863	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086e840:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1864	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll
1865	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd970000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
1866	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\RpcRtRemote.dll
1867	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd970000 'C:\Windows\system32\RpcRtRemote.dll'
1868	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1869	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1870	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
1871	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
1872	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
1873	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
1874	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
1875	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1876	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1877	1b0c.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
1878	1b0c.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
1879	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1880	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1881	1b0c.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1882	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1883	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
1884	1b0c.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
1885	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1886	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1887	1b0c.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
1888	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
1889	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\version.dll' [rcNtRedir=0xc0150008]
1890	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000690 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\version.dll
1891	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1892	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1893	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
1894	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\version.dll'
1895	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1896	1b0c.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1897	1b0c.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\version.dll)WinVerifyTrust
1898	1b0c.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\version.dll
1899	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1900	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1901	1b0c.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll
1902	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1903	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1904	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
1905	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\psapi.dll' [rcNtRedir=0xc0150008]
1906	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000694 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\psapi.dll
1907	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1908	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1909	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
1910	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\psapi.dll'
1911	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1912	1b0c.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\psapi.dll)WinVerifyTrust
1913	1b0c.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\psapi.dll
1914	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1915	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1916	1b0c.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1917	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1918	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1919	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1920	1b0c.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1921	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000089b100:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1922	1b0c.1914: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
1923	1b0c.1914: supR3HardenedDllNotificationCallback: load 000007fee3c20000 LB 0x005d5000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
1924	1b0c.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
1925	1b0c.1914: supR3HardenedDllNotificationCallback: load 0000000077e30000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
1926	1b0c.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\psapi.dll
1927	1b0c.1914: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\version.dll
1928	1b0c.1914: supR3HardenedDllNotificationCallback: load 000007fefcac0000 LB 0x0000c000 C:\Windows\system32\VERSION.dll [fFlags=0x0]
1929	1b0c.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\version.dll
1930	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee3c20000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
1931	1b0c.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1932	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002821570:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1933	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb70000 'C:\Windows\system32\oleaut32.dll'
1934	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000684 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\sxs.dll
1935	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1936	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1937	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
1938	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\sxs.dll'
1939	1b0c.1914: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1940	1b0c.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\sxs.dll)WinVerifyTrust
1941	1b0c.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\sxs.dll
1942	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086ecc0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1943	1b0c.1914: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\sxs.dll
1944	1b0c.1914: supR3HardenedDllNotificationCallback: load 000007fefd8d0000 LB 0x00091000 C:\Windows\system32\SXS.DLL [fFlags=0x0]
1945	1b0c.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\sxs.dll
1946	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8d0000 'C:\Windows\system32\SXS.DLL'
1947	1b0c.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\ADVAPI32.dll'
1948	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
1949	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086ef00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1950	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb70000 'C:\Windows\system32\OLEAUT32.dll'
1951	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
1952	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3b230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1953	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
1954	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
1955	1b0c.1b60: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1956	1b0c.1b60: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1957	1b0c.1b60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll)WinVerifyTrust
1958	1b0c.1b60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
1959	1b0c.1b60: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1960	1b0c.1b60: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1961	1b0c.1b60: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1962	1b0c.1b60: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1963	1b0c.1b60: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1964	1b0c.1b60: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
1965	1b0c.1b60: supR3HardenedDllNotificationCallback: load 000007feec1d0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
1966	1b0c.1b60: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
1967	1b0c.1b60: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1d0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
1968	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\user32.dll'
1969	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
1970	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000086ed50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1971	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed00000 'C:\Windows\system32\shell32.dll'
1972	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
1973	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1974	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
1975	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
1976	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
1977	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
1978	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
1979	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
1980	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
1981	1b0c.192c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
1982	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll
1983	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
1984	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
1985	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8FFB8CDACDC5C9C6D9256E97FB0710E2753FFAA1
1986	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3045645~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll'
1987	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1988	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll)WinVerifyTrust
1989	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll
1990	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1991	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1992	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
1993	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1994	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1995	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1996	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1997	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1998	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1999	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
2000	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
2001	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2002	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2003	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2004	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2005	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2006	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2007	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2008	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2009	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2010	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shlwapi.dll'.
2011	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
2012	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)WinVerifyTrust
2013	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2014	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2015	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2016	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
2017	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2018	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2019	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shlwapi.dll
2020	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2021	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2022	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2023	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2024	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2025	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll
2026	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fefd860000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2027	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\apphelp.dll
2028	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd860000 'C:\Windows\system32\apphelp.dll'
2029	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2030	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2031	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shell32.dll'.
2032	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2033	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2034	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll)WinVerifyTrust
2035	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
2036	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2037	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2038	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll
2039	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2040	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
2041	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
2042	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2043	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\shell32.dll' [rcNtRedir=0xc0150008]
2044	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\shell32.dll
2045	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2046	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2047	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2048	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2049	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\user32.dll
2050	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002cd40c0:C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2051	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
2052	1b0c.192c: supR3HardenedDllNotificationCallback: load 0000000010000000 LB 0x00065000 C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll [fFlags=0x0]
2053	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
2054	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\psapi.dll
2055	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\PSAPI.DLL (Input=PSAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2056	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077e30000 'C:\Windows\system32\PSAPI.DLL'
2057	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000010000000 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll'
2058	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa90000 'C:\Windows\system32\ADVAPI32.dll'
2059	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ole32.dll
2060	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2061	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5e0000 'C:\Windows\system32\ole32.dll'
2062	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5e0000 'C:\Windows\system32\ole32.dll'
2063	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb70000 'C:\Windows\system32\OLEAUT32.dll'
2064	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af0 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll
2065	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2066	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2067	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
2068	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll'
2069	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2070	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2071	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
2072	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2073	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2074	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
2075	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2076	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll)WinVerifyTrust
2077	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll
2078	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2079	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2080	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
2081	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2082	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
2083	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2084	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2085	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2086	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2087	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2088	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2089	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll
2090	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2091	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2092	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
2093	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll'
2094	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2095	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2096	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2097	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2098	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2099	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2100	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll)WinVerifyTrust
2101	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll
2102	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2103	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2104	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2105	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2106	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
2107	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2108	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2109	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2110	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
2111	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2112	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2113	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2114	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2115	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000861e30:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2116	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll
2117	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feebe20000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2118	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemprox.dll
2119	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll
2120	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feec020000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
2121	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll
2122	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebe20000 'C:\Windows\system32\wbem\wbemprox.dll'
2123	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b14 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll
2124	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2125	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2126	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
2127	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll'
2128	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2129	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2130	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2131	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll)WinVerifyTrust
2132	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll
2133	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2134	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2135	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2136	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2137	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000861e30:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2138	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll
2139	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007fee7260000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2140	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\wbemsvc.dll
2141	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7260000 'C:\Windows\system32\wbem\wbemsvc.dll'
2142	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b20 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll
2143	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2144	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2145	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
2146	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll'
2147	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2148	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2149	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
2150	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2151	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2152	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2153	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
2154	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll)WinVerifyTrust
2155	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll
2156	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
2157	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
2158	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll
2159	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2160	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2161	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
2162	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll'
2163	1b0c.192c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2164	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2165	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2166	1b0c.192c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
2167	1b0c.192c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll)WinVerifyTrust
2168	1b0c.192c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll
2169	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2170	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
2171	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2172	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2173	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2174	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2175	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2176	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2177	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbemcomn.dll
2178	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2179	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2180	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2181	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2182	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll
2183	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2184	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2185	1b0c.192c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll
2186	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2187	1b0c.192c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2188	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000861e30:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2189	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll
2190	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feebe60000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2191	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wbem\fastprox.dll
2192	1b0c.192c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll
2193	1b0c.192c: supR3HardenedDllNotificationCallback: load 000007feebe30000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
2194	1b0c.192c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntdsapi.dll
2195	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebe60000 'C:\Windows\system32\wbem\fastprox.dll'
2196	1b0c.192c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb70000 'C:\Windows\system32\OLEAUT32.dll'
2197	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2198	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2199	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2200	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
2201	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2202	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2203	1b0c.171c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxVRDP.dll)WinVerifyTrust
2204	1b0c.171c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxVRDP.dll
2205	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2206	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2207	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2208	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2209	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2210	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2211	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2212	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2213	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2214	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2215	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2216	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2217	1b0c.171c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxVRDP.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2218	1b0c.171c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxVRDP.dll
2219	1b0c.171c: supR3HardenedDllNotificationCallback: load 000007fee3390000 LB 0x0017a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxVRDP.DLL [fFlags=0x0]
2220	1b0c.171c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxVRDP.dll
2221	1b0c.171c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee3390000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxVRDP.DLL'
2222	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bcc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll
2223	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2224	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2225	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8E5754748E0E000AB425BF2AEB177780FB43945
2226	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2888049~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll'
2227	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2228	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2229	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2230	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
2231	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
2232	1b0c.1ab8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll)WinVerifyTrust
2233	1b0c.1ab8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll
2234	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2235	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2236	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2237	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2238	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2239	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2240	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2241	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2242	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2243	1b0c.1ab8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll
2244	1b0c.1ab8: supR3HardenedDllNotificationCallback: load 000007fefd1f0000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
2245	1b0c.1ab8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll
2246	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1f0000 'C:\Windows\system32\mswsock.dll'
2247	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bf8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\wship6.dll
2248	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2249	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2250	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=68F2FDFC5151940B71C922BC59B7767F02726F85
2251	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\wship6.dll'
2252	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2253	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
2254	1b0c.1ab8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\wship6.dll)WinVerifyTrust
2255	1b0c.1ab8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\wship6.dll
2256	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2257	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2258	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wship6.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2259	1b0c.1ab8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wship6.dll
2260	1b0c.1ab8: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x00007000 C:\Windows\System32\wship6.dll [fFlags=0x0]
2261	1b0c.1ab8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wship6.dll
2262	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\Windows\System32\wship6.dll'
2263	1b0c.1ab8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\mswsock.dll
2264	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2265	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1f0000 'C:\Windows\system32\mswsock.dll'
2266	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000be8 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL
2267	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2268	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2269	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
2270	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL'
2271	1b0c.1ab8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2272	1b0c.1ab8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
2273	1b0c.1ab8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL)WinVerifyTrust
2274	1b0c.1ab8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL
2275	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2276	1b0c.1ab8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2277	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2278	1b0c.1ab8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL
2279	1b0c.1ab8: supR3HardenedDllNotificationCallback: load 000007fefcbe0000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
2280	1b0c.1ab8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\WSHTCPIP.DLL
2281	1b0c.1ab8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbe0000 'C:\Windows\System32\wshtcpip.dll'
2282	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2283	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2284	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2285	1b0c.171c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
2286	1b0c.171c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2287	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2288	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2289	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2290	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2291	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2292	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2293	1b0c.171c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2294	1b0c.171c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
2295	1b0c.171c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2296	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2297	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2298	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2299	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2300	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2301	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2302	1b0c.171c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2303	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2304	1b0c.171c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2305	1b0c.171c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2306	1b0c.171c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2307	1b0c.171c: supR3HardenedDllNotificationCallback: load 000007fee30f0000 LB 0x00291000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2308	1b0c.171c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2309	1b0c.171c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2310	1b0c.171c: supR3HardenedDllNotificationCallback: load 000000005c170000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
2311	1b0c.171c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2312	1b0c.171c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee30f0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2313	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2314	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2315	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2316	1b0c.15b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetLwf.sys)
2317	1b0c.15b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetLwf.sys
2318	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
2319	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2320	1b0c.15b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxUSBMon.sys)
2321	1b0c.15b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxUSBMon.sys
2322	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
2323	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2324	1b0c.15b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxDrv.sys)
2325	1b0c.15b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxDrv.sys
2326	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
2327	1b0c.15b8: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetAdp.sys: Owner is administrators group.
2328	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2329	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2330	1b0c.15b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetAdp.sys)
2331	1b0c.15b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetAdp.sys
2332	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetAdp.sys [avoiding WinVerifyTrust]
2333	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2334	1b0c.15b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2335	1b0c.15b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetFlt.sys)
2336	1b0c.15b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetFlt.sys
2337	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetFlt.sys [avoiding WinVerifyTrust]
2338	1b0c.79c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetFlt.sys'
2339	1b0c.79c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetAdp.sys'
2340	1b0c.79c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxDrv.sys'
2341	1b0c.79c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxUSBMon.sys'
2342	1b0c.79c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\WINDOWS\System32\drivers\VBoxNetLwf.sys'
2343	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2344	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2345	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2346	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2347	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
2348	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2349	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2350	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2351	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2352	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2353	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2354	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2355	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2356	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2357	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2358	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2359	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2360	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2361	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2362	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2363	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys)WinVerifyTrust
2364	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys
2365	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2366	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2367	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'pshed.dll'.
2368	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2369	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'kdcom.dll'.
2370	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'clfs.sys'.
2371	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ci.dll'.
2372	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe)WinVerifyTrust
2373	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2374	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2375	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2376	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys
2377	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2378	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2379	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2380	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2381	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2382	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2383	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2384	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2385	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2386	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2387	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2388	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2389	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2390	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
2391	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\netio.sys)WinVerifyTrust
2392	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\netio.sys
2393	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2394	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2395	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys
2396	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2397	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2398	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2399	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
2400	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
2401	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2402	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\drivers\msrpc.sys)WinVerifyTrust
2403	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\drivers\msrpc.sys
2404	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2405	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2406	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\ndis.sys
2407	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2408	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2409	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2410	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
2411	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ci.dll' [rcNtRedir=0xc0150008]
2412	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2413	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\ci.dll)WinVerifyTrust
2414	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\ci.dll
2415	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'clfs.sys'...
2416	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'clfs.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\clfs.sys' [rcNtRedir=0xc0150008]
2417	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2418	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\clfs.sys)WinVerifyTrust
2419	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\clfs.sys
2420	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2421	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2422	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2423	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2424	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\kdcom.dll)WinVerifyTrust
2425	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\kdcom.dll
2426	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2427	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\hal.dll' [rcNtRedir=0xc0150008]
2428	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2429	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
2430	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
2431	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\hal.dll)WinVerifyTrust
2432	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\hal.dll
2433	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2434	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\pshed.dll' [rcNtRedir=0xc0150008]
2435	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2436	1b0c.79c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2437	1b0c.79c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\PSHED.DLL)WinVerifyTrust
2438	1b0c.79c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\PSHED.DLL
2439	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2440	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume2\WINDOWS\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2441	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\drivers\netio.sys
2442	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2443	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\hal.dll' [rcNtRedir=0xc0150008]
2444	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\hal.dll
2445	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2446	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2447	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2448	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2449	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\hal.dll' [rcNtRedir=0xc0150008]
2450	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\hal.dll
2451	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2452	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2453	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2454	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2455	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\pshed.dll' [rcNtRedir=0xc0150008]
2456	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\PSHED.DLL
2457	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2458	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2459	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\kdcom.dll
2460	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2461	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2462	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe
2463	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2464	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\hal.dll' [rcNtRedir=0xc0150008]
2465	1b0c.79c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\hal.dll
2466	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2467	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2468	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2469	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2470	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2471	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2472	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2473	1b0c.79c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\WINDOWS\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2474	1b0c.79c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2475	1b0c.79c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2476	1b0c.79c: supR3HardenedDllNotificationCallback: load 000007fee30e0000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2477	1b0c.79c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2478	1b0c.79c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee30e0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2479	1b0c.198c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2480	1b0c.198c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2481	1b0c.198c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2482	1b0c.198c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
2483	1b0c.198c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2484	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2485	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2486	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2487	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2488	1b0c.198c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2489	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2490	1b0c.198c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2491	1b0c.198c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2492	1b0c.198c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2493	1b0c.198c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2494	1b0c.198c: supR3HardenedDllNotificationCallback: load 000007fee30d0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2495	1b0c.198c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2496	1b0c.198c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee30d0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2497	1b0c.15b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
2498	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2499	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2500	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2501	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
2502	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
2503	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
2504	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
2505	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
2506	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll)WinVerifyTrust
2507	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2508	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2509	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2510	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2511	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\ole32.dll' [rcNtRedir=0xc0150008]
2512	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2513	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2514	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
2515	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll' [rcNtRedir=0xc0150008]
2516	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2517	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2518	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2519	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2520	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
2521	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
2522	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll)WinVerifyTrust
2523	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2524	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2525	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2526	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2527	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2528	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2529	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2530	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2531	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2532	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2533	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2534	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2535	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2536	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2537	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2538	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2539	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2540	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2541	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2542	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2543	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2544	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2545	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2546	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2547	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2548	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2549	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2fa0000 LB 0x0012a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL [fFlags=0x0]
2550	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2551	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2552	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2f60000 LB 0x00034000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [fFlags=0x0]
2553	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2554	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2555	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2f30000 LB 0x00028000 C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll [fFlags=0x0]
2556	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2557	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2fa0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
2558	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2559	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2560	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2f30000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
2561	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2562	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2563	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll)WinVerifyTrust
2564	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2565	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2566	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2567	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2568	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2569	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2570	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2571	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2572	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2f10000 LB 0x0001a000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll [fFlags=0x0]
2573	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2574	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2f10000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
2575	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
2576	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2577	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
2578	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32/opengl32.dll'
2579	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\opengl32.dll
2580	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2581	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2582	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2583	1b0c.234: \Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll: Owner is administrators group.
2584	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d9c pwszName=\Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll
2585	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2586	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2587	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EDDAB983C6492C056E49224E82BE37B02859812E
2588	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT'; file='\Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll'
2589	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2590	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2591	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2592	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2593	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2594	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll)WinVerifyTrust
2595	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll
2596	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2597	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2598	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2599	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2600	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2601	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2602	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2603	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2604	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\atig6pxx.dll (Input=atig6pxx.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2605	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll
2606	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2f00000 LB 0x00008000 C:\Windows\system32\atig6pxx.dll [fFlags=0x0]
2607	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atig6pxx.dll
2608	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2f00000 'C:\Windows\system32\atig6pxx.dll'
2609	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2610	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2611	1b0c.234: \Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll: Owner is administrators group.
2612	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dbc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll
2613	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2614	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2615	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1D0FFD5A6F249115FEE64CEF5ACBBA5D720B737C
2616	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT'; file='\Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll'
2617	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2618	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2619	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2620	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
2621	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2622	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll)WinVerifyTrust
2623	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll
2624	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2625	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2626	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
2627	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\version.dll' [rcNtRedir=0xc0150008]
2628	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\version.dll
2629	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2630	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2631	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2632	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2633	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\atio6axx.dll (Input=atio6axx.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2634	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll
2635	1b0c.234: supR3HardenedDllNotificationCallback: load 0000000069030000 LB 0x010ff000 C:\Windows\system32\atio6axx.dll [fFlags=0x0]
2636	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atio6axx.dll
2637	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\dwmapi.dll
2638	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3ac00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2639	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbb10000 'C:\Windows\system32\dwmapi.dll'
2640	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000069030000 'C:\Windows\system32\atio6axx.dll'
2641	1b0c.234: \Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll: Owner is administrators group.
2642	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dcc pwszName=\Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll
2643	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2644	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2645	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=15972F598A1F9447712528265645E2FE28261A9A
2646	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT'; file='\Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll'
2647	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2648	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2649	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2650	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2651	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll)WinVerifyTrust
2652	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll
2653	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2654	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2655	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2656	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2657	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll
2658	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2659	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2660	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\atig6txx.dll (Input=atig6txx.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2661	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll
2662	1b0c.234: supR3HardenedDllNotificationCallback: load 000007fee2ef0000 LB 0x00009000 C:\Windows\system32\atig6txx.dll [fFlags=0x0]
2663	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atig6txx.dll
2664	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2ef0000 'C:\Windows\system32\atig6txx.dll'
2665	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2666	1b0c.234: \Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll: Owner is administrators group.
2667	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d90 pwszName=\Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll
2668	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000860f20
2669	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000860f20
2670	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=405FF55B61979B33C23AABF37A66FF4CF666CEF2
2671	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT'; file='\Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll'
2672	1b0c.234: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2673	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2674	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2675	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2676	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2677	1b0c.234: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
2678	1b0c.234: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll)WinVerifyTrust
2679	1b0c.234: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll
2680	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2681	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2682	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2683	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2684	1b0c.234: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\setupapi.dll
2685	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2686	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2687	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2688	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2689	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2690	1b0c.234: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\WINDOWS\System32\user32.dll' [rcNtRedir=0xc0150008]
2691	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\atiadlxx.dll (Input=atiadlxx.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2692	1b0c.234: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll
2693	1b0c.234: supR3HardenedDllNotificationCallback: load 0000000180000000 LB 0x00052000 C:\Windows\system32\atiadlxx.dll [fFlags=0x0]
2694	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\atiadlxx.dll
2695	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Windows\system32\atiadlxx.dll'
2696	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2697	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2698	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2699	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2700	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2701	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2702	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2703	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2704	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2705	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2706	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2707	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2708	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2709	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2710	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2711	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2712	1b0c.234: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\WINDOWS\System32\wintrust.dll
2713	1b0c.234: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004f3a540:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2714	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\WINTRUST.dll'
2715	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2716	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2717	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2718	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077a50000 'C:\Windows\system32\USER32.DLL'
2719	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2720	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2721	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe570000 'C:\Windows\system32\gdi32.dll'
2722	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.DLL'
2723	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2724	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2725	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2726	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2727	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2728	1b0c.234: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee4200000 'C:\Windows\system32\OPENGL32.dll'
2729	1b0c.f98: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb70000 'C:\Windows\system32\OLEAUT32.dll'
2730	1948.d38: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 429331 ms, the end);
2731	1ab0.c84: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 429705 ms, the end);

Download in other formats:

Original Format