Ticket #14130: VBoxStartup.log

File VBoxStartup.log, 265.0 KB (added by c3p0i, 9 years ago)

Line
1	a80.1634: Log file opened: 4.3.28r100309 g_hStartupLog=000000fc g_uNtVerCombined=0x611db110
2	a80.1634: \SystemRoot\System32\ntdll.dll:
3	a80.1634: CreationTime: 2015-05-13T01:43:23.150528200Z
4	a80.1634: LastWriteTime: 2015-04-27T19:08:02.560861300Z
5	a80.1634: ChangeTime: 2015-05-13T06:05:12.472030600Z
6	a80.1634: FileAttributes: 0x20
7	a80.1634: Size: 0x13f400
8	a80.1634: NT Headers: 0xd0
9	a80.1634: Timestamp: 0x553e8801
10	a80.1634: Machine: 0x14c - i386
11	a80.1634: Timestamp: 0x553e8801
12	a80.1634: Image Version: 6.1
13	a80.1634: SizeOfImage: 0x141000 (1314816)
14	a80.1634: Resource Dir: 0xe1000 LB 0x5a028
15	a80.1634: ProductName: Microsoft® Windows® Operating System
16	a80.1634: ProductVersion: 6.1.7601.18839
17	a80.1634: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
18	a80.1634: FileDescription: NT Layer DLL
19	a80.1634: \SystemRoot\System32\kernel32.dll:
20	a80.1634: CreationTime: 2014-04-17T06:50:28.609395400Z
21	a80.1634: LastWriteTime: 2014-03-04T09:17:13.817000000Z
22	a80.1634: ChangeTime: 2014-04-22T06:36:30.681081700Z
23	a80.1634: FileAttributes: 0x20
24	a80.1634: Size: 0xd4000
25	a80.1634: NT Headers: 0xf0
26	a80.1634: Timestamp: 0x531599f5
27	a80.1634: Machine: 0x14c - i386
28	a80.1634: Timestamp: 0x531599f5
29	a80.1634: Image Version: 6.1
30	a80.1634: SizeOfImage: 0xd4000 (868352)
31	a80.1634: Resource Dir: 0xc7000 LB 0x528
32	a80.1634: ProductName: Microsoft® Windows® Operating System
33	a80.1634: ProductVersion: 6.1.7601.18409
34	a80.1634: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35	a80.1634: FileDescription: Windows NT BASE API Client DLL
36	a80.1634: \SystemRoot\System32\KernelBase.dll:
37	a80.1634: CreationTime: 2014-05-14T10:04:05.890013400Z
38	a80.1634: LastWriteTime: 2014-03-04T09:17:13.817000000Z
39	a80.1634: ChangeTime: 2014-05-14T15:06:48.300616400Z
40	a80.1634: FileAttributes: 0x20
41	a80.1634: Size: 0x47a00
42	a80.1634: NT Headers: 0xe0
43	a80.1634: Timestamp: 0x531599f6
44	a80.1634: Machine: 0x14c - i386
45	a80.1634: Timestamp: 0x531599f6
46	a80.1634: Image Version: 6.1
47	a80.1634: SizeOfImage: 0x4b000 (307200)
48	a80.1634: Resource Dir: 0x47000 LB 0x530
49	a80.1634: ProductName: Microsoft® Windows® Operating System
50	a80.1634: ProductVersion: 6.1.7601.18409
51	a80.1634: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52	a80.1634: FileDescription: Windows NT BASE API Client DLL
53	a80.1634: \SystemRoot\System32\apisetschema.dll:
54	a80.1634: CreationTime: 2015-05-13T01:43:21.798450900Z
55	a80.1634: LastWriteTime: 2015-04-27T18:59:41.743000000Z
56	a80.1634: ChangeTime: 2015-05-13T06:05:12.222430200Z
57	a80.1634: FileAttributes: 0x20
58	a80.1634: Size: 0x1a00
59	a80.1634: NT Headers: 0xc0
60	a80.1634: Timestamp: 0x553e8756
61	a80.1634: Machine: 0x14c - i386
62	a80.1634: Timestamp: 0x553e8756
63	a80.1634: Image Version: 6.1
64	a80.1634: SizeOfImage: 0x50000 (327680)
65	a80.1634: Resource Dir: 0x30000 LB 0x3f8
66	a80.1634: ProductName: Microsoft® Windows® Operating System
67	a80.1634: ProductVersion: 6.1.7601.18839
68	a80.1634: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
69	a80.1634: FileDescription: ApiSet Schema DLL
70	a80.1634: supR3HardenedWinFindAdversaries: 0x0
71	a80.1634: Calling main()
72	a80.1634: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
73	a80.1634: SUPR3HardenedMain: Respawn #1
74	a80.1634: System32: \Device\HarddiskVolume2\Windows\System32
75	a80.1634: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
76	a80.1634: KnownDllPath: C:\Windows\system32
77	a80.1634: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
78	a80.1634: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
79	a80.1634: supR3HardNtEnableThreadCreation:
80	a80.1634: supR3HardNtDisableThreadCreation: pvLdrInitThunk=77223861 pvNtTerminateThread=77206930
81	a80.1634: supR3HardenedWinDoReSpawn(1): New child 3c4.d74 [kernel32].
82	a80.1634: supR3HardNtChildGatherData: PebBaseAddress=7ffd8000 cbPeb=0x248
83	a80.1634: supR3HardNtPuChFindNtdll: uNtDllParentAddr=771c0000 uNtDllChildAddr=771c0000
84	a80.1634: supR3HardenedWinSetupChildInit: uLdrInitThunk=77223861
85	a80.1634: supR3HardenedWinSetupChildInit: Start child.
86	a80.1634: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
87	a80.1634: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 0 sleeps
88	a80.1634: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
89	a80.1634: *00000000-fffeffff 0x0001/0x0000 0x0000000
90	a80.1634: *00010000-fffeffff 0x0004/0x0004 0x0020000
91	a80.1634: *00030000-0002bfff 0x0002/0x0002 0x0040000
92	a80.1634: 00034000-00027fff 0x0001/0x0000 0x0000000
93	a80.1634: *00040000-0003efff 0x0004/0x0004 0x0020000
94	a80.1634: 00041000-00031fff 0x0001/0x0000 0x0000000
95	a80.1634: *00050000-0004efff 0x0004/0x0004 0x0020000
96	a80.1634: 00051000-ffff1fff 0x0001/0x0000 0x0000000
97	a80.1634: *000b0000-fffb2fff 0x0000/0x0004 0x0020000
98	a80.1634: 001ad000-001aafff 0x0104/0x0004 0x0020000
99	a80.1634: 001af000-001adfff 0x0004/0x0004 0x0020000
100	a80.1634: 001b0000-ff97ffff 0x0001/0x0000 0x0000000
101	a80.1634: *009e0000-009e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
102	a80.1634: 009e1000-00a55fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
103	a80.1634: 00a56000-00a56fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
104	a80.1634: 00a57000-00a84fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
105	a80.1634: 00a85000-00a85fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
106	a80.1634: 00a86000-00a86fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
107	a80.1634: 00a87000-00a87fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
108	a80.1634: 00a88000-00a88fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
109	a80.1634: 00a89000-00a8afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
110	a80.1634: 00a8b000-00a8dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
111	a80.1634: 00a8e000-00ac0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
112	a80.1634: 00ac1000-8a3c1fff 0x0001/0x0000 0x0000000
113	a80.1634: *771c0000-771c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
114	a80.1634: 771c1000-77297fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
115	a80.1634: 77298000-7729dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
116	a80.1634: 7729e000-7729efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
117	a80.1634: 7729f000-772a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
118	a80.1634: 772a1000-77300fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
119	a80.1634: 77301000-771e1fff 0x0001/0x0000 0x0000000
120	a80.1634: *77420000-77420fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
121	a80.1634: 77421000-6e891fff 0x0001/0x0000 0x0000000
122	a80.1634: *7ffb0000-7ff8cfff 0x0002/0x0002 0x0040000
123	a80.1634: 7ffd3000-7ffcdfff 0x0001/0x0000 0x0000000
124	a80.1634: *7ffd8000-7ffd6fff 0x0004/0x0004 0x0020000
125	a80.1634: 7ffd9000-7ffd2fff 0x0001/0x0000 0x0000000
126	a80.1634: *7ffdf000-7ffddfff 0x0004/0x0004 0x0020000
127	a80.1634: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000
128	a80.1634: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000
129	a80.1634: apisetschema.dll: timestamp 0x553e8756 (rc=VINF_SUCCESS)
130	a80.1634: VirtualBox.exe: timestamp 0x55536e4b (rc=VINF_SUCCESS)
131	a80.1634: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
132	a80.1634: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
133	a80.1634: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
134	a80.1634: supR3HardNtChildPurify: Done after 314 ms and 0 fixes (loop #0).
135	a80.1634: supR3HardNtEnableThreadCreation:
136	3c4.d74: Log file opened: 4.3.28r100309 g_hStartupLog=00000004 g_uNtVerCombined=0x611db110
137	3c4.d74: supR3HardenedVmProcessInit: uNtDllAddr=771c0000
138	3c4.d74: ntdll.dll: timestamp 0x553e8801 (rc=VINF_SUCCESS)
139	3c4.d74: New simple heap: #1 002b0000 LB 0x400000 (for 1314816 allocation)
140	3c4.d74: System32: \Device\HarddiskVolume2\Windows\System32
141	3c4.d74: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
142	3c4.d74: KnownDllPath: C:\Windows\system32
143	3c4.d74: supR3HardenedVmProcessInit: Opening vboxdrv stub...
144	3c4.d74: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
145	3c4.d74: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
146	3c4.d74: Registered Dll notification callback with NTDLL.
147	3c4.d74: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
148	3c4.d74: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
149	3c4.d74: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]
150	3c4.d74: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
151	3c4.d74: supR3HardenedDllNotificationCallback: load 76670000 LB 0x000d4000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
152	3c4.d74: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
153	3c4.d74: supR3HardenedDllNotificationCallback: load 75400000 LB 0x0004b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
154	3c4.d74: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
155	3c4.d74: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
156	3c4.d74: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76670000 'C:\Windows\system32\kernel32.dll'
157	3c4.d74: supR3HardNtDisableThreadCreation: pvLdrInitThunk=77223861 pvNtTerminateThread=77206930
158	a80.1634: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 47 ms.
159	3c4.d74: \SystemRoot\System32\ntdll.dll:
160	3c4.d74: CreationTime: 2015-05-13T01:43:23.150528200Z
161	3c4.d74: LastWriteTime: 2015-04-27T19:08:02.560861300Z
162	3c4.d74: ChangeTime: 2015-05-13T06:05:12.472030600Z
163	3c4.d74: FileAttributes: 0x20
164	3c4.d74: Size: 0x13f400
165	3c4.d74: NT Headers: 0xd0
166	3c4.d74: Timestamp: 0x553e8801
167	3c4.d74: Machine: 0x14c - i386
168	3c4.d74: Timestamp: 0x553e8801
169	3c4.d74: Image Version: 6.1
170	3c4.d74: SizeOfImage: 0x141000 (1314816)
171	3c4.d74: Resource Dir: 0xe1000 LB 0x5a028
172	3c4.d74: ProductName: Microsoft® Windows® Operating System
173	3c4.d74: ProductVersion: 6.1.7601.18839
174	3c4.d74: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
175	3c4.d74: FileDescription: NT Layer DLL
176	3c4.d74: \SystemRoot\System32\kernel32.dll:
177	3c4.d74: CreationTime: 2014-04-17T06:50:28.609395400Z
178	3c4.d74: LastWriteTime: 2014-03-04T09:17:13.817000000Z
179	3c4.d74: ChangeTime: 2014-04-22T06:36:30.681081700Z
180	3c4.d74: FileAttributes: 0x20
181	3c4.d74: Size: 0xd4000
182	3c4.d74: NT Headers: 0xf0
183	3c4.d74: Timestamp: 0x531599f5
184	3c4.d74: Machine: 0x14c - i386
185	3c4.d74: Timestamp: 0x531599f5
186	3c4.d74: Image Version: 6.1
187	3c4.d74: SizeOfImage: 0xd4000 (868352)
188	3c4.d74: Resource Dir: 0xc7000 LB 0x528
189	3c4.d74: ProductName: Microsoft® Windows® Operating System
190	3c4.d74: ProductVersion: 6.1.7601.18409
191	3c4.d74: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
192	3c4.d74: FileDescription: Windows NT BASE API Client DLL
193	3c4.d74: \SystemRoot\System32\KernelBase.dll:
194	3c4.d74: CreationTime: 2014-05-14T10:04:05.890013400Z
195	3c4.d74: LastWriteTime: 2014-03-04T09:17:13.817000000Z
196	3c4.d74: ChangeTime: 2014-05-14T15:06:48.300616400Z
197	3c4.d74: FileAttributes: 0x20
198	3c4.d74: Size: 0x47a00
199	3c4.d74: NT Headers: 0xe0
200	3c4.d74: Timestamp: 0x531599f6
201	3c4.d74: Machine: 0x14c - i386
202	3c4.d74: Timestamp: 0x531599f6
203	3c4.d74: Image Version: 6.1
204	3c4.d74: SizeOfImage: 0x4b000 (307200)
205	3c4.d74: Resource Dir: 0x47000 LB 0x530
206	3c4.d74: ProductName: Microsoft® Windows® Operating System
207	3c4.d74: ProductVersion: 6.1.7601.18409
208	3c4.d74: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
209	3c4.d74: FileDescription: Windows NT BASE API Client DLL
210	3c4.d74: \SystemRoot\System32\apisetschema.dll:
211	3c4.d74: CreationTime: 2015-05-13T01:43:21.798450900Z
212	3c4.d74: LastWriteTime: 2015-04-27T18:59:41.743000000Z
213	3c4.d74: ChangeTime: 2015-05-13T06:05:12.222430200Z
214	3c4.d74: FileAttributes: 0x20
215	3c4.d74: Size: 0x1a00
216	3c4.d74: NT Headers: 0xc0
217	3c4.d74: Timestamp: 0x553e8756
218	3c4.d74: Machine: 0x14c - i386
219	3c4.d74: Timestamp: 0x553e8756
220	3c4.d74: Image Version: 6.1
221	3c4.d74: SizeOfImage: 0x50000 (327680)
222	3c4.d74: Resource Dir: 0x30000 LB 0x3f8
223	3c4.d74: ProductName: Microsoft® Windows® Operating System
224	3c4.d74: ProductVersion: 6.1.7601.18839
225	3c4.d74: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
226	3c4.d74: FileDescription: ApiSet Schema DLL
227	3c4.d74: supR3HardenedWinFindAdversaries: 0x0
228	3c4.d74: Calling main()
229	3c4.d74: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
230	3c4.d74: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
231	3c4.d74: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
232	3c4.d74: SUPR3HardenedMain: Respawn #2
233	3c4.d74: supR3HardNtEnableThreadCreation:
234	3c4.d74: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
235	3c4.d74: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
236	3c4.d74: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]
237	3c4.d74: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
238	3c4.d74: supR3HardenedDllNotificationCallback: load 75080000 LB 0x0004c000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
239	3c4.d74: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
240	3c4.d74: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75080000 'C:\Windows\system32\apphelp.dll'
241	3c4.d74: supR3HardNtDisableThreadCreation: pvLdrInitThunk=77223861 pvNtTerminateThread=77206930
242	3c4.d74: supR3HardenedWinDoReSpawn(2): New child 1620.10b0 [kernel32].
243	3c4.d74: supR3HardNtChildGatherData: PebBaseAddress=7ffdb000 cbPeb=0x248
244	3c4.d74: supR3HardNtPuChFindNtdll: uNtDllParentAddr=771c0000 uNtDllChildAddr=771c0000
245	3c4.d74: supR3HardenedWinSetupChildInit: uLdrInitThunk=77223861
246	3c4.d74: supR3HardenedWinSetupChildInit: Start child.
247	3c4.d74: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
248	3c4.d74: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 0 sleeps
249	3c4.d74: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
250	3c4.d74: *00000000-fffeffff 0x0001/0x0000 0x0000000
251	3c4.d74: *00010000-fffeffff 0x0004/0x0004 0x0020000
252	3c4.d74: *00030000-0002bfff 0x0002/0x0002 0x0040000
253	3c4.d74: 00034000-00027fff 0x0001/0x0000 0x0000000
254	3c4.d74: *00040000-0003efff 0x0004/0x0004 0x0020000
255	3c4.d74: 00041000-00031fff 0x0001/0x0000 0x0000000
256	3c4.d74: *00050000-0004efff 0x0004/0x0004 0x0020000
257	3c4.d74: 00051000-00021fff 0x0001/0x0000 0x0000000
258	3c4.d74: *00080000-fff82fff 0x0000/0x0004 0x0020000
259	3c4.d74: 0017d000-0017afff 0x0104/0x0004 0x0020000
260	3c4.d74: 0017f000-0017dfff 0x0004/0x0004 0x0020000
261	3c4.d74: 00180000-ff91ffff 0x0001/0x0000 0x0000000
262	3c4.d74: *009e0000-009e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
263	3c4.d74: 009e1000-00a55fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
264	3c4.d74: 00a56000-00a56fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
265	3c4.d74: 00a57000-00a84fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
266	3c4.d74: 00a85000-00a85fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
267	3c4.d74: 00a86000-00a86fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
268	3c4.d74: 00a87000-00a87fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
269	3c4.d74: 00a88000-00a88fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
270	3c4.d74: 00a89000-00a8afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
271	3c4.d74: 00a8b000-00a8dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
272	3c4.d74: 00a8e000-00ac0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
273	3c4.d74: 00ac1000-8a3c1fff 0x0001/0x0000 0x0000000
274	3c4.d74: *771c0000-771c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
275	3c4.d74: 771c1000-77297fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
276	3c4.d74: 77298000-7729dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
277	3c4.d74: 7729e000-7729efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
278	3c4.d74: 7729f000-772a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
279	3c4.d74: 772a1000-77300fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
280	3c4.d74: 77301000-771e1fff 0x0001/0x0000 0x0000000
281	3c4.d74: *77420000-77420fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
282	3c4.d74: 77421000-6e891fff 0x0001/0x0000 0x0000000
283	3c4.d74: *7ffb0000-7ff8cfff 0x0002/0x0002 0x0040000
284	3c4.d74: 7ffd3000-7ffcafff 0x0001/0x0000 0x0000000
285	3c4.d74: *7ffdb000-7ffd9fff 0x0004/0x0004 0x0020000
286	3c4.d74: 7ffdc000-7ffd8fff 0x0001/0x0000 0x0000000
287	3c4.d74: *7ffdf000-7ffddfff 0x0004/0x0004 0x0020000
288	3c4.d74: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000
289	3c4.d74: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000
290	3c4.d74: apisetschema.dll: timestamp 0x553e8756 (rc=VINF_SUCCESS)
291	3c4.d74: VirtualBox.exe: timestamp 0x55536e4b (rc=VINF_SUCCESS)
292	3c4.d74: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
293	3c4.d74: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
294	3c4.d74: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
295	3c4.d74: supR3HardNtChildPurify: Done after 317 ms and 0 fixes (loop #0).
296	3c4.d74: supR3HardenedEarlyCompact: Removed heap 1 (0x2b0000 LB 0x400000)
297	1620.10b0: Log file opened: 4.3.28r100309 g_hStartupLog=00000004 g_uNtVerCombined=0x611db110
298	1620.10b0: supR3HardenedVmProcessInit: uNtDllAddr=771c0000
299	3c4.d74: supR3HardNtEnableThreadCreation:
300	1620.10b0: ntdll.dll: timestamp 0x553e8801 (rc=VINF_SUCCESS)
301	1620.10b0: New simple heap: #1 00280000 LB 0x400000 (for 1314816 allocation)
302	1620.10b0: System32: \Device\HarddiskVolume2\Windows\System32
303	1620.10b0: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
304	1620.10b0: KnownDllPath: C:\Windows\system32
305	1620.10b0: supR3HardenedVmProcessInit: Opening vboxdrv...
306	1620.10b0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
307	1620.10b0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
308	1620.10b0: Registered Dll notification callback with NTDLL.
309	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
310	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
311	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]
312	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
313	1620.10b0: supR3HardenedDllNotificationCallback: load 76670000 LB 0x000d4000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
314	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
315	1620.10b0: supR3HardenedDllNotificationCallback: load 75400000 LB 0x0004b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
316	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
317	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
318	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76670000 'C:\Windows\system32\kernel32.dll'
319	1620.10b0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=77223861 pvNtTerminateThread=77206930
320	3c4.d74: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 51 ms.
321	1620.10b0: \SystemRoot\System32\ntdll.dll:
322	1620.10b0: CreationTime: 2015-05-13T01:43:23.150528200Z
323	1620.10b0: LastWriteTime: 2015-04-27T19:08:02.560861300Z
324	1620.10b0: ChangeTime: 2015-05-13T06:05:12.472030600Z
325	1620.10b0: FileAttributes: 0x20
326	1620.10b0: Size: 0x13f400
327	1620.10b0: NT Headers: 0xd0
328	1620.10b0: Timestamp: 0x553e8801
329	1620.10b0: Machine: 0x14c - i386
330	1620.10b0: Timestamp: 0x553e8801
331	1620.10b0: Image Version: 6.1
332	1620.10b0: SizeOfImage: 0x141000 (1314816)
333	1620.10b0: Resource Dir: 0xe1000 LB 0x5a028
334	1620.10b0: ProductName: Microsoft® Windows® Operating System
335	1620.10b0: ProductVersion: 6.1.7601.18839
336	1620.10b0: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
337	1620.10b0: FileDescription: NT Layer DLL
338	1620.10b0: \SystemRoot\System32\kernel32.dll:
339	1620.10b0: CreationTime: 2014-04-17T06:50:28.609395400Z
340	1620.10b0: LastWriteTime: 2014-03-04T09:17:13.817000000Z
341	1620.10b0: ChangeTime: 2014-04-22T06:36:30.681081700Z
342	1620.10b0: FileAttributes: 0x20
343	1620.10b0: Size: 0xd4000
344	1620.10b0: NT Headers: 0xf0
345	1620.10b0: Timestamp: 0x531599f5
346	1620.10b0: Machine: 0x14c - i386
347	1620.10b0: Timestamp: 0x531599f5
348	1620.10b0: Image Version: 6.1
349	1620.10b0: SizeOfImage: 0xd4000 (868352)
350	1620.10b0: Resource Dir: 0xc7000 LB 0x528
351	1620.10b0: ProductName: Microsoft® Windows® Operating System
352	1620.10b0: ProductVersion: 6.1.7601.18409
353	1620.10b0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
354	1620.10b0: FileDescription: Windows NT BASE API Client DLL
355	1620.10b0: \SystemRoot\System32\KernelBase.dll:
356	1620.10b0: CreationTime: 2014-05-14T10:04:05.890013400Z
357	1620.10b0: LastWriteTime: 2014-03-04T09:17:13.817000000Z
358	1620.10b0: ChangeTime: 2014-05-14T15:06:48.300616400Z
359	1620.10b0: FileAttributes: 0x20
360	1620.10b0: Size: 0x47a00
361	1620.10b0: NT Headers: 0xe0
362	1620.10b0: Timestamp: 0x531599f6
363	1620.10b0: Machine: 0x14c - i386
364	1620.10b0: Timestamp: 0x531599f6
365	1620.10b0: Image Version: 6.1
366	1620.10b0: SizeOfImage: 0x4b000 (307200)
367	1620.10b0: Resource Dir: 0x47000 LB 0x530
368	1620.10b0: ProductName: Microsoft® Windows® Operating System
369	1620.10b0: ProductVersion: 6.1.7601.18409
370	1620.10b0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
371	1620.10b0: FileDescription: Windows NT BASE API Client DLL
372	1620.10b0: \SystemRoot\System32\apisetschema.dll:
373	1620.10b0: CreationTime: 2015-05-13T01:43:21.798450900Z
374	1620.10b0: LastWriteTime: 2015-04-27T18:59:41.743000000Z
375	1620.10b0: ChangeTime: 2015-05-13T06:05:12.222430200Z
376	1620.10b0: FileAttributes: 0x20
377	1620.10b0: Size: 0x1a00
378	1620.10b0: NT Headers: 0xc0
379	1620.10b0: Timestamp: 0x553e8756
380	1620.10b0: Machine: 0x14c - i386
381	1620.10b0: Timestamp: 0x553e8756
382	1620.10b0: Image Version: 6.1
383	1620.10b0: SizeOfImage: 0x50000 (327680)
384	1620.10b0: Resource Dir: 0x30000 LB 0x3f8
385	1620.10b0: ProductName: Microsoft® Windows® Operating System
386	1620.10b0: ProductVersion: 6.1.7601.18839
387	1620.10b0: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
388	1620.10b0: FileDescription: ApiSet Schema DLL
389	1620.10b0: supR3HardenedWinFindAdversaries: 0x0
390	1620.10b0: Calling main()
391	1620.10b0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
392	1620.10b0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
393	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
394	1620.10b0: SUPR3HardenedMain: Final process, opening VBoxDrv...
395	1620.10b0: supR3HardenedEarlyCompact: Removed heap 1 (0x280000 LB 0x400000)
396	1620.10b0: supR3HardNtEnableThreadCreation:
397	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
398	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
399	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0072325c:C:\Windows\system32 [calling]
400	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
401	1620.10b0: supR3HardenedDllNotificationCallback: load 73f80000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
402	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
403	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
404	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
405	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73f80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
406	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
407	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
408	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73f80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
409	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73f80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
410	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
411	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
412	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
413	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
414	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
415	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
416	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
417	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
418	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
419	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
420	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
421	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
422	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
423	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
424	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
425	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
426	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
427	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
428	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
429	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
430	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
431	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
432	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
433	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
434	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
435	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
436	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
437	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
438	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
439	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
440	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0072325c:C:\Windows\system32 [calling]
441	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
442	1620.10b0: supR3HardenedDllNotificationCallback: load 751d0000 LB 0x0002f000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
443	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
444	1620.10b0: supR3HardenedDllNotificationCallback: load 762d0000 LB 0x000ac000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
445	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
446	1620.10b0: supR3HardenedDllNotificationCallback: load 752a0000 LB 0x00121000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
447	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
448	1620.10b0: supR3HardenedDllNotificationCallback: load 751b0000 LB 0x0000c000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
449	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
450	1620.10b0: supR3HardenedDllNotificationCallback: load 77360000 LB 0x000a2000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
451	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
452	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=751d0000 'C:\Windows\system32\Wintrust.dll'
453	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
454	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
455	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0072325c:C:\Windows\system32 [calling]
456	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
457	1620.10b0: supR3HardenedDllNotificationCallback: load 74d00000 LB 0x00017000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
458	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
459	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74d00000 'C:\Windows\system32\bcrypt.dll'
460	1620.10b0: bcrypt.dll loaded at 74d00000, BCryptOpenAlgorithmProvider at 74d02cda, preloading providers:
461	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
462	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
463	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
464	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
465	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
466	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
467	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
468	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
469	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
470	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
471	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
472	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
473	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
474	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
475	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
476	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
477	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
478	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
479	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
480	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
481	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
482	1620.10b0: supR3HardenedDllNotificationCallback: load 748d0000 LB 0x0003d000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
483	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
484	1620.10b0: supR3HardenedDllNotificationCallback: load 76780000 LB 0x000a1000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
485	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
486	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
487	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
488	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
489	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
490	1620.10b0: supR3HardenedDllNotificationCallback: load 76650000 LB 0x00019000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
491	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
492	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=748d0000 'C:\Windows\system32\bcryptprimitives.dll'
493	1620.10b0: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0074e110)
494	1620.10b0: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0074e760)
495	1620.10b0: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0074f518)
496	1620.10b0: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0074e068)
497	1620.10b0: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0074f668)
498	1620.10b0: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0074f708)
499	1620.10b0: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0074f5b8)
500	1620.10b0: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0074f878)
501	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
502	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
503	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
504	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
505	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
506	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
507	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
508	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
509	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
510	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
511	1620.10b0: supR3HardenedDllNotificationCallback: load 74bf0000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
512	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
513	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74bf0000 'C:\Windows\system32\CRYPTSP.dll'
514	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
515	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
516	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
517	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
518	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
519	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
520	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
521	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
522	1620.10b0: supR3HardenedDllNotificationCallback: load 74990000 LB 0x0003b000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
523	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
524	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74990000 'C:\Windows\system32\rsaenh.dll'
525	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
526	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
527	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76780000 'C:\Windows\system32\ADVAPI32.dll'
528	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
529	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
530	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
531	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
532	1620.10b0: supR3HardenedDllNotificationCallback: load 750d0000 LB 0x0000c000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
533	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
534	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=750d0000 'C:\Windows\system32\CRYPTBASE.dll'
535	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
536	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
537	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76670000 'C:\Windows\system32\kernel32.dll'
538	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
539	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
540	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=751d0000 'C:\Windows\system32\WINTRUST.DLL'
541	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
542	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
543	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=752a0000 'C:\Windows\system32\CRYPT32.dll'
544	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
545	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'advapi32.dll'.
546	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
547	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
548	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
549	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
550	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
551	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
552	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
553	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
554	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
555	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
556	1620.10b0: supR3HardenedDllNotificationCallback: load 76750000 LB 0x0002b000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
557	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
558	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76750000 'C:\Windows\system32\imagehlp.dll'
559	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
560	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
561	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74bf0000 'C:\Windows\system32\CRYPTSP.dll'
562	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
563	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
564	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
565	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
566	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
567	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
568	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
569	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
570	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
571	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
572	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
573	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
574	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
575	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
576	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
577	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
578	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
579	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
580	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
581	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
582	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
583	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
584	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
585	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
586	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
587	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
588	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
589	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
590	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
591	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
592	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
593	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
594	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
595	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
596	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
597	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
598	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
599	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
600	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
601	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
602	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
603	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
604	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
605	1620.10b0: supR3HardenedDllNotificationCallback: load 76450000 LB 0x000c9000 C:\Windows\system32\USER32.dll [fFlags=0x0]
606	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
607	1620.10b0: supR3HardenedDllNotificationCallback: load 76400000 LB 0x0004e000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
608	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
609	1620.10b0: supR3HardenedDllNotificationCallback: load 77340000 LB 0x0000a000 C:\Windows\system32\LPK.dll [fFlags=0x0]
610	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
611	1620.10b0: supR3HardenedDllNotificationCallback: load 76de0000 LB 0x0009d000 C:\Windows\system32\USP10.dll [fFlags=0x0]
612	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
613	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
614	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
615	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76400000 'C:\Windows\system32\gdi32.dll'
616	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
617	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
618	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
619	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
620	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
621	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
622	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
623	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
624	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
625	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
626	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
627	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
628	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
629	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
630	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
631	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
632	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
633	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
634	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
635	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
636	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
637	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
638	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
639	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
640	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
641	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
642	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
643	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
644	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
645	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
646	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
647	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
648	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
649	1620.10b0: supR3HardenedDllNotificationCallback: load 76630000 LB 0x0001f000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
650	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
651	1620.10b0: supR3HardenedDllNotificationCallback: load 76520000 LB 0x000cc000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
652	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
653	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76630000 'C:\Windows\system32\IMM32.DLL'
654	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\USER32.dll'
655	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
656	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
657	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
658	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
659	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
660	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
661	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
662	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
663	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
664	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
665	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
666	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
667	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
668	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
669	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
670	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
671	1620.10b0: supR3HardenedDllNotificationCallback: load 74d20000 LB 0x00038000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
672	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
673	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74d20000 'C:\Windows\system32\ncrypt.dll'
674	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
675	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
676	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74d00000 'C:\Windows\system32\bcrypt.dll'
677	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
678	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
679	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'profapi.dll'.
680	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
681	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
682	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
683	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
684	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
685	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
686	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
687	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
688	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
689	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
690	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
691	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
692	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
693	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
694	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
695	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
696	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
697	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
698	1620.10b0: supR3HardenedDllNotificationCallback: load 754b0000 LB 0x00017000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
699	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
700	1620.10b0: supR3HardenedDllNotificationCallback: load 751c0000 LB 0x0000b000 C:\Windows\system32\profapi.dll [fFlags=0x0]
701	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
702	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754b0000 'C:\Windows\system32\USERENV.dll'
703	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
704	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
705	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
706	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
707	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
708	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
709	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
710	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
711	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
712	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
713	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
714	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
715	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
716	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
717	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
718	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
719	1620.10b0: supR3HardenedDllNotificationCallback: load 747a0000 LB 0x00016000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
720	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
721	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=747a0000 'C:\Windows\system32\GPAPI.dll'
722	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
723	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-WIN-Service-Management-L1-1-0.dll'
724	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
725	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
726	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=77360000 'C:\Windows\system32\rpcrt4.dll'
727	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
728	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-WIN-Service-Management-L2-1-0.dll'
729	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
730	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
731	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
732	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
733	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.
734	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
735	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
736	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
737	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
738	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
739	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
740	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
741	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
742	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
743	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
744	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
745	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
746	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
747	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
748	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
749	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
750	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
751	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
752	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
753	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
754	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
755	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
756	1620.10b0: supR3HardenedDllNotificationCallback: load 6f420000 LB 0x0001c000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
757	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
758	1620.10b0: supR3HardenedDllNotificationCallback: load 76920000 LB 0x00045000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
759	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
760	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
761	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
762	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
763	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
764	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
765	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
766	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
767	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
768	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
769	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
770	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
771	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
772	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
773	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
774	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
775	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
776	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
777	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
778	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
779	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
780	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
781	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
782	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
783	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
784	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
785	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
786	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
787	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
788	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
789	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
790	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6f420000 'C:\Windows\system32\cryptnet.dll'
791	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
792	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
793	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
794	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
795	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=751c0000 'C:\Windows\system32\profapi.dll'
796	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
797	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
798	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
799	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
800	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
801	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
802	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
803	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
804	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
805	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
806	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
807	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
808	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
809	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
810	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
811	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
812	1620.10b0: supR3HardenedDllNotificationCallback: load 768c0000 LB 0x00057000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
813	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
814	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=768c0000 'C:\Windows\system32\SHLWAPI.dll'
815	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000 pwszName=\SystemRoot\System32\ntdll.dll
816	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: New context 00769d60
817	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
818	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D75B31A39D3E7A982110991D3130254CB608909B
819	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
820	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
821	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
822	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-WIN-Service-Management-L1-1-0.dll'
823	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
824	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
825	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
826	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
827	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76780000 'C:\Windows\system32\ADVAPI32.dll'
828	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
829	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
830	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
831	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76650000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
832	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_38_for_KB3022345~31bf3856ad364e35~x86~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
833	1620.10b0: g_pfnWinVerifyTrust=751d273a
834	1620.10b0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
835	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
836	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
837	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
838	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5899593484521EBF43C3FBEF1689EAD74AD8ED7D
839	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_106_for_KB3033929~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
840	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
841	1620.10b0: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
842	1620.10b0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
843	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
844	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
845	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
846	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AD400B10391BF763CC5DFDE600010DE093424AAC
847	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB3033929~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
848	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
849	1620.10b0: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
850	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000390 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
851	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
852	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
853	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A97620B38393821964747185BD0CFB4FF244F0A
854	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
855	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
856	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
857	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000384 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
858	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
859	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
860	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4274E678F4A09F0955B304F45CFA0547B0F86BC7
861	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
862	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
863	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
864	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000380 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
865	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
866	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
867	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=89E77407A345B2D82F06806B31C1CEFF03A91A6A
868	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB3033929~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
869	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
870	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
871	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000025c pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
872	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
873	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
874	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BD66D8D7C0A43466AD80C34E81C083C3C69E195B
875	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
876	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
877	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
878	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
879	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
880	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
881	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D9A4C90615FC5B5674208A5401C018FEA2A04A4B
882	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
883	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
884	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
885	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000001c4 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
886	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
887	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
888	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=21925C895DA97CB66CCC5FBA910D9ABD265AA276
889	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
890	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
891	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
892	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000001b0 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
893	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
894	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
895	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3C162057009F15589931F2F9C420601EA23D426B
896	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_38_for_KB3022345~31bf3856ad364e35~x86~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
897	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
898	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
899	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000198 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
900	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
901	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
902	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=21CC868DE3508F5C6F6D348B324C1E8AB2969CC6
903	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3033889~31bf3856ad364e35~x86~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
904	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
905	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
906	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000194 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
907	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
908	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
909	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB8862BB29C3F539B9BF3A9E49EBC509A515AC5C
910	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
911	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
912	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
913	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000190 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
914	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
915	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
916	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43A12765C9BE008AD8F89DD9D8ADE42781F3CECF
917	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2957509~31bf3856ad364e35~x86~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
918	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
919	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
920	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000018c pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
921	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
922	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
923	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82BA1962EC46224806FF94FB51B2673A26041759
924	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3032323~31bf3856ad364e35~x86~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
925	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
926	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
927	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000188 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
928	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
929	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
930	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9262291212E863338E5EEFAE7EA78C13B621DE20
931	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3046306~31bf3856ad364e35~x86~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
932	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
933	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
934	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000184 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
935	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
936	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
937	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=46D722AD9F66278A8EBC0D192855961CE6A21050
938	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
939	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
940	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
941	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000180 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
942	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
943	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
944	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D59F877FD4F27652A01B1936874AFAF3A55572A8
945	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
946	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
947	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
948	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000134 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
949	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
950	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
951	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7E0CBD7D0C7F18B4CDC624EAFFFE29E8644EB2D5
952	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
953	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
954	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
955	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
956	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000130 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
957	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
958	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
959	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EFE6B29BE955FB2D869F3B57909DF90693FBBCEB
960	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB3033929~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
961	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
962	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
963	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000124 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
964	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
965	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
966	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03C748C87A1DF5DB8A18BC64469B9F2F9B1E97A4
967	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_38_for_KB3022345~31bf3856ad364e35~x86~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
968	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
969	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
970	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000120 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
971	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
972	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
973	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9F27C8C9C98181856ECB8B0C4901455595659DC
974	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_38_for_KB3022345~31bf3856ad364e35~x86~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
975	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
976	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
977	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
978	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000108 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
979	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
980	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
981	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F0BAB1EFD5C685AC53B020519B5A6984B19E5071
982	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
983	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
984	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
985	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000e8 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
986	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
987	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
988	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=50B466D5DDEDD2D1A524F20B8873F187B62AA69F
989	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2654428~31bf3856ad364e35~x86~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
990	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
991	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
992	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
993	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
994	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
995	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7068F2E1634BBD478D1FBCF4C463626913EA7285
996	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
997	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
998	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
999	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1000	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1001	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1002	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=06D41DECE180CBB3CA57E6BA142D5CEEF83911AA
1003	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2978668~31bf3856ad364e35~x86~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1004	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1005	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1006	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1007	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000024 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1008	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1009	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1010	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8EB77778F9F6A58100DE8E79F4C640441D1A46DC
1011	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_31_for_KB2871997~31bf3856ad364e35~x86~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1012	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1013	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1014	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000001c pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1015	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1016	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1017	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8384E0CDC14CEB0CEB1E02FD8F4D7F7A10FC6E0E
1018	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_31_for_KB2871997~31bf3856ad364e35~x86~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1019	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1020	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1021	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1022	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00769014:C:\Windows\system32 [calling]
1023	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=752a0000 'C:\Windows\system32\crypt32.dll'
1024	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1025	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1026	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1027	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1028	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x987869d3679da00 CN=ClockworkMod
1029	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1030	1620.10b0: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certificates.godaddy.com/repository, CN=Go Daddy Secure Certification Authority(
1031	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1032	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1033	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1034	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1035	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1036	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1037	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1038	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1039	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1040	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1041	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1042	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
1043	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1044	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1045	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1046	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1047	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1048	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1049	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1050	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1051	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1052	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
1053	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1054	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1055	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1056	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1057	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
1058	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1059	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
1060	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
1061	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1062	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
1063	1620.10b0: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1064	1620.10b0: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=39
1065	1620.10b0: SUPR3HardenedMain: Load Runtime...
1066	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1067	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1068	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1069	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1070	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
1071	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1072	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1073	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1074	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1075	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1076	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1077	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000003cc pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1078	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1079	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1080	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2535224DB54945234E1A0C452639FCBB02F5F364
1081	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1082	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1083	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1084	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1085	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'nsi.dll'.
1086	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
1087	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1088	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1089	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1090	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1091	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
1092	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1093	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1094	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1095	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
1096	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1097	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1098	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1099	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1100	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1101	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1102	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000440 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
1103	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1104	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1105	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5C25EDD170A1CAACC3D49C508AB6F58BD6DE6E2
1106	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
1107	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1108	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
1109	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1110	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1111	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1112	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1113	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1114	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1115	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1116	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767af4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1117	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1118	1620.10b0: supR3HardenedDllNotificationCallback: load 592b0000 LB 0x0041f000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1119	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1120	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1121	1620.10b0: supR3HardenedDllNotificationCallback: load 5cb80000 LB 0x000bf000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1122	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1123	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1124	1620.10b0: supR3HardenedDllNotificationCallback: load 63de0000 LB 0x00069000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1125	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1126	1620.10b0: supR3HardenedDllNotificationCallback: load 765f0000 LB 0x00035000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1127	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1128	1620.10b0: supR3HardenedDllNotificationCallback: load 77320000 LB 0x00006000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1129	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
1130	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1131	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1132	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1133	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1134	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1135	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1136	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1137	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1138	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1139	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1140	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1141	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1142	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1143	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1144	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1145	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1146	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1147	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1148	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1149	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1150	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1151	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1152	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1153	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1154	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1155	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1156	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1157	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1158	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1159	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1160	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1161	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1162	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1163	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1164	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1165	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1166	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1167	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1168	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1169	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1170	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1171	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1172	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1173	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1174	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00723a04:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ibm\gsk8\lib;C:\Program Files\ibm\gsk8\bin;C:\Program Files\IBM Informix Client SDK\bin;D:\app\c3p0i\product\11.2.0\client_2\bin;D:\app\c3p0i\product\11.2.0\client_1;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Bitvise SSH Client;C:\Program Files\Gow\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sikuli X\libs;C:\Program Files\Java\jre6\\bin;C:\Program Files\OpenVPN\bin [calling]
1175	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1176	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1177	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1178	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=592b0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1179	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1180	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00768f94:C:\Windows\system32 [calling]
1181	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=751d0000 'C:\Windows\system32\Wintrust.dll'
1182	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1183	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00768f94:C:\Windows\system32 [calling]
1184	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=752a0000 'C:\Windows\system32\crypt32.dll'
1185	1620.10b0: SUPR3HardenedMain: Load TrustedMain...
1186	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1187	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1188	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
1189	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1190	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1191	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtcorevbox4.dll'.
1192	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtguivbox4.dll'.
1193	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtnetworkvbox4.dll'.
1194	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qtopenglvbox4.dll'.
1195	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1196	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'gdi32.dll'.
1197	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'advapi32.dll'.
1198	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'shell32.dll'.
1199	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'ole32.dll'.
1200	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
1201	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'comdlg32.dll'.
1202	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'winmm.dll'.
1203	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
1204	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1205	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1206	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1207	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000480 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1208	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1209	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1210	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0907A64D7756C59C69C1DFBD06460EC89D3A8FBD
1211	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1212	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1213	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1214	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1215	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)WinVerifyTrust
1216	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1217	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1218	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1219	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000460 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1220	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1221	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1222	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1C456ACB19416C5E733133B4582891146F151614
1223	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
1224	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1225	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1226	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1227	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1228	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1229	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1230	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1231	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)WinVerifyTrust
1232	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1233	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1234	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1235	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000474 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1236	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1237	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1238	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BCE31FDB944BBD2B4E378704B95BEA36085E5ADA
1239	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3020338~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1240	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1241	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1242	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1243	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
1244	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1245	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'gdi32.dll'.
1246	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)WinVerifyTrust
1247	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1248	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1249	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1250	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000048c pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1251	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1252	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1253	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=07C15DE99041924EC7DED2E27632443249973ECA
1254	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1255	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1256	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1257	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1258	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1259	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1260	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)WinVerifyTrust
1261	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1262	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1263	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1264	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000484 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1265	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1266	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1267	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=883446B1349BE3E16C87051B0AA3B54938105378
1268	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3039066~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1269	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1270	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1271	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1272	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1273	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1274	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)WinVerifyTrust
1275	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1276	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1277	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1278	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1279	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1280	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1281	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1282	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1283	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1284	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1285	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1286	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1287	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1288	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1289	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1290	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1291	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1292	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
1293	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1294	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
1295	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
1296	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
1297	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
1298	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
1299	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
1300	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1301	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1302	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1303	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1304	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1305	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1306	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1307	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1308	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1309	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1310	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1311	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1312	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1313	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1314	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1315	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1316	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
1317	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1318	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1319	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1320	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1321	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1322	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1323	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1324	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1325	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1326	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
1327	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1328	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1329	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1330	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1331	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1332	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1333	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1334	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
1335	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
1336	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1337	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
1338	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1339	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
1340	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
1341	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1342	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1343	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1344	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1345	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004bc pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1346	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1347	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1348	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4C7570E385B8CF66CB40344231F3E0AA4189574F
1349	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1350	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1351	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1352	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1353	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1354	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1355	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1356	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1357	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)WinVerifyTrust
1358	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1359	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1360	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1361	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1362	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1363	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004b0 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
1364	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1365	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1366	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6D0AC3B30C2D6C734EBBA3E99BF60B93FDF28E33
1367	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
1368	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1369	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1370	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1371	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1372	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1373	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1374	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1375	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)WinVerifyTrust
1376	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1377	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1378	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1379	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004b8 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
1380	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1381	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1382	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8AAE7D02045ADA954DBE714C716FEAB98D1A54F0
1383	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
1384	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1385	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1386	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1387	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1388	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)WinVerifyTrust
1389	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1390	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1391	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1392	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1393	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1394	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1395	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1396	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1397	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1398	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1399	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
1400	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
1401	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1402	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1403	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
1404	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
1405	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
1406	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1407	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1408	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1409	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1410	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1411	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1412	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1413	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1414	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1415	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1416	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1417	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1418	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1419	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1420	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1421	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1422	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1423	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1424	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1425	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1426	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1427	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1428	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1429	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1430	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1431	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1432	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1433	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1434	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1435	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1436	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1437	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1438	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1439	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1440	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1441	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1442	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1443	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1444	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1445	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1446	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1447	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004d8 pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
1448	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1449	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1450	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B39657B6044CE5C98BB9FC443679CBDE0E6BE222
1451	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
1452	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1453	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1454	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1455	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1456	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)WinVerifyTrust
1457	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
1458	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1459	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1460	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1461	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1462	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1463	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1464	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1465	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1466	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1467	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1468	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1469	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1470	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1471	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1472	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1473	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1474	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1475	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1476	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1477	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1478	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1479	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1480	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1481	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1482	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1483	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1484	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1485	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1486	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1487	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1488	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1489	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1490	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1491	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1492	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1493	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1494	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1495	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1496	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1497	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1498	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1499	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1500	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1501	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1502	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1503	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1504	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1505	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1506	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1507	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1508	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1509	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1510	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1511	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1512	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1513	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1514	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1515	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1516	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1517	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1518	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1519	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1520	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1521	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1522	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1523	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1524	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1525	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1526	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1527	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1528	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1529	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1530	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004dc pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
1531	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1532	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1533	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2DD5817E3C34BF2CE0D876EBC207250E2DB8A3A
1534	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2864058~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
1535	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1536	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1537	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1538	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1539	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)WinVerifyTrust
1540	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
1541	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1542	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1543	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1544	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1545	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1546	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1547	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1548	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1549	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1550	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1551	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1552	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1553	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1554	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1555	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1556	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1557	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1558	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1559	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1560	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1561	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1562	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1563	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1564	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1565	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1566	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1567	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
1568	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
1569	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
1570	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1571	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1572	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1573	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1574	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1575	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1576	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1577	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1578	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1579	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1580	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1581	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1582	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1583	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004d0 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1584	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1585	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1586	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2DD0519DFAD1ED741C9324879C92EC15A9FFB8D0
1587	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1588	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1589	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1590	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1591	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1592	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)WinVerifyTrust
1593	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1594	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1595	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1596	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004e8 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1597	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1598	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1599	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=07B90F6FCFF3E079727E8F6884115307C6E5BA41
1600	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1601	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1602	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
1603	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
1604	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1605	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1606	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1607	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1608	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
1609	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)WinVerifyTrust
1610	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1611	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1612	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1613	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1614	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1615	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004ec pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
1616	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1617	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1618	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2209915514DA0567BF15C35F3296BEE011BE2E28
1619	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3032323~31bf3856ad364e35~x86~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1620	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1621	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1622	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1623	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1624	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)WinVerifyTrust
1625	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1626	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1627	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1628	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1629	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1630	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1631	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1632	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1633	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1634	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1635	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1636	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1637	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1638	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004f4 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1639	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1640	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1641	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EE1631BE6E86D9131380E981EC05320E6DF3FD3A
1642	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1643	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1644	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1645	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'cfgmgr32.dll'.
1646	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)WinVerifyTrust
1647	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
1648	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1649	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1650	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1651	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1652	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1653	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1654	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1655	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1656	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1657	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1658	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1659	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1660	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1661	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004fc pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1662	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1663	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1664	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A2D26C675A9F5FB0ABA919E9F71726151CB174F1
1665	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1666	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1667	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1668	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
1669	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1670	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)WinVerifyTrust
1671	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1672	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1673	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1674	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1675	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1676	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1677	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1678	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1679	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1680	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1681	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1682	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1683	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1684	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1685	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1686	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1687	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1688	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1689	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767af4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1690	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1691	1620.10b0: supR3HardenedDllNotificationCallback: load 77880000 LB 0x00772000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1692	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1693	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1694	1620.10b0: supR3HardenedDllNotificationCallback: load 5cc90000 LB 0x000c8000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1695	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1696	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1697	1620.10b0: supR3HardenedDllNotificationCallback: load 67d90000 LB 0x00022000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1698	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1699	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1700	1620.10b0: supR3HardenedDllNotificationCallback: load 6b9c0000 LB 0x000e7000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1701	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1702	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1703	1620.10b0: supR3HardenedDllNotificationCallback: load 6b9b0000 LB 0x00006000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1704	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1705	1620.10b0: supR3HardenedDllNotificationCallback: load 76a00000 LB 0x0019d000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
1706	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1707	1620.10b0: supR3HardenedDllNotificationCallback: load 75480000 LB 0x00027000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1708	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1709	1620.10b0: supR3HardenedDllNotificationCallback: load 76830000 LB 0x0008f000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1710	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1711	1620.10b0: supR3HardenedDllNotificationCallback: load 77060000 LB 0x0015c000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1712	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1713	1620.10b0: supR3HardenedDllNotificationCallback: load 75460000 LB 0x00012000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1714	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
1715	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1716	1620.10b0: supR3HardenedDllNotificationCallback: load 732b0000 LB 0x00013000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1717	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1718	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
1719	1620.10b0: supR3HardenedDllNotificationCallback: load 5c970000 LB 0x00205000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.dll [fFlags=0x0]
1720	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
1721	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
1722	1620.10b0: supR3HardenedDllNotificationCallback: load 6ac00000 LB 0x00007000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
1723	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
1724	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1725	1620.10b0: supR3HardenedDllNotificationCallback: load 53140000 LB 0x00275000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
1726	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1727	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1728	1620.10b0: supR3HardenedDllNotificationCallback: load 64bf0000 LB 0x0080c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
1729	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1730	1620.10b0: supR3HardenedDllNotificationCallback: load 76380000 LB 0x0007b000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
1731	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1732	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1733	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1734	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1735	1620.10b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll)
1736	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
1737	1620.10b0: supR3HardenedDllNotificationCallback: load 6bb70000 LB 0x00084000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\COMCTL32.dll [fFlags=0x0]
1738	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll [avoiding WinVerifyTrust]
1739	1620.10b0: supR3HardenedDllNotificationCallback: load 754d0000 LB 0x00c4b000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1740	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1741	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1742	1620.10b0: supR3HardenedDllNotificationCallback: load 70ef0000 LB 0x00032000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
1743	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1744	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
1745	1620.10b0: supR3HardenedDllNotificationCallback: load 6b8c0000 LB 0x00051000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
1746	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
1747	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1748	1620.10b0: supR3HardenedDllNotificationCallback: load 5c880000 LB 0x000e2000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
1749	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1750	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1751	1620.10b0: supR3HardenedDllNotificationCallback: load 5c640000 LB 0x000c1000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
1752	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1753	1620.10b0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll'.
1754	1620.10b0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll' [rescheduled]
1755	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1756	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1757	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1758	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1759	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1760	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1761	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1762	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020ccde4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1763	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76630000 'C:\Windows\system32\imm32.dll'
1764	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=77880000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
1765	1620.10b0: SUPR3HardenedMain: Calling TrustedMain (77881da0)...
1766	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1767	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767af4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1768	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=70ef0000 'C:\Windows\system32\winmm.dll'
1769	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000058c pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1770	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1771	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1772	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BCFB3B3EDEC8C54A3B95DACAFC19DCB9EA6969BD
1773	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
1774	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1775	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1776	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1777	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1778	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)WinVerifyTrust
1779	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1780	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1781	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1782	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1783	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1784	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1785	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1786	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020b9c74:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1787	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1788	1620.10b0: supR3HardenedDllNotificationCallback: load 73870000 LB 0x00040000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1789	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1790	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1791	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1792	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020b9c74:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1793	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1794	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1795	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020b9c74:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1796	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1797	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1798	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020b9c74:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1799	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1800	1620.10b0: \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll: Owner is administrators group.
1801	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000005ac pwszName=\Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1802	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1803	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1804	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=81273098809FCD31253B469D42950416B2780B67
1805	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1806	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: New context 00769d60
1807	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1808	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=81273098809FCD31253B469D42950416B2780B67
1809	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
1810	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0076a1e0
1811	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0076a1e0
1812	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=43128DD7DB22429861BB1E0BA660C8C629F8E5E634B742B77A5E3ECEA2CF2D60
1813	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
1814	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1815	1620.10b0: supHardenedWinVerifyImageByHandle: -> -22900 (\Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll)WinVerifyTrust
1816	1620.10b0: Error (rc=0):
1817	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll: Not signed.
1818	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1819	1620.10b0: Error (rc=0):
1820	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
1821	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
1822	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1823	1620.10b0: Error (rc=0):
1824	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1825	1620.10b0: Error (rc=0):
1826	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
1827	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
1828	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1829	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1830	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=732b0000 'C:\Windows\system32\dwmapi.dll'
1831	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1832	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1833	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=750d0000 'C:\Windows\system32\CRYPTBASE.dll'
1834	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1835	1620.10b0: Error (rc=0):
1836	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
1837	1620.10b0: Error (rc=0):
1838	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
1839	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
1840	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1841	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1842	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
1843	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1844	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1845	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76670000 'C:\Windows\system32\kernel32.dll'
1846	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1847	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1848	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1849	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1850	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1851	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1852	1620.10b0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
1853	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1854	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
1855	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\user32.dll'
1856	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1857	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1858	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73870000 'C:\Windows\system32\uxtheme.dll'
1859	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\user32.dll'
1860	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76780000 'C:\Windows\system32\advapi32.dll'
1861	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
1862	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1863	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754b0000 'C:\Windows\system32\userenv.dll'
1864	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1865	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1866	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76670000 'C:\Windows\system32\kernel32.dll'
1867	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000003c4 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
1868	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1869	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1870	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B560B8A95D275325C41DE5897E348BE60192127E
1871	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
1872	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1873	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1874	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1875	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1876	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1877	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
1878	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
1879	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)WinVerifyTrust
1880	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
1881	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1882	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1883	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1884	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1885	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1886	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1887	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1888	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1889	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1890	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1891	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1892	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1893	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1894	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1895	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1896	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076784c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1897	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
1898	1620.10b0: supR3HardenedDllNotificationCallback: load 76970000 LB 0x00083000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
1899	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
1900	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76970000 'C:\Windows\system32\CLBCatQ.DLL'
1901	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76780000 'C:\Windows\system32\ADVAPI32.dll'
1902	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1903	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767d14:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1904	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74bf0000 'C:\Windows\system32\CRYPTSP.dll'
1905	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000003b0 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
1906	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1907	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1908	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A397FD418538BAA1CB6D18B348447E74938F66EA
1909	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
1910	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1911	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
1912	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
1913	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
1914	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1915	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1916	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0076795c:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1917	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
1918	1620.10b0: supR3HardenedDllNotificationCallback: load 75140000 LB 0x0000e000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
1919	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
1920	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75140000 'C:\Windows\system32\RpcRtRemote.dll'
1921	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000005c4 pwszName=\Device\HarddiskVolume2\Windows\System32\msiltcfg.dll
1922	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1923	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1924	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AAE8C73E319858922705A3CB3C7B14413A48F03C
1925	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\msiltcfg.dll'
1926	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1927	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1928	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1929	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
1930	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msiltcfg.dll)WinVerifyTrust
1931	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msiltcfg.dll
1932	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
1933	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume2\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
1934	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000005c8 pwszName=\Device\HarddiskVolume2\Windows\System32\version.dll
1935	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1936	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1937	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87F58E3B93CDFEB987BC8B5880D3F0366E3D8203
1938	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\version.dll'
1939	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1940	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1941	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\version.dll)WinVerifyTrust
1942	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\version.dll
1943	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1944	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1945	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1946	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1947	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1948	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1949	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1950	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msiltcfg.dll (Input=msiltcfg.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767054:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1951	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msiltcfg.dll
1952	1620.10b0: supR3HardenedDllNotificationCallback: load 68dd0000 LB 0x00007000 C:\Windows\system32\msiltcfg.dll [fFlags=0x0]
1953	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msiltcfg.dll
1954	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
1955	1620.10b0: supR3HardenedDllNotificationCallback: load 74660000 LB 0x00009000 C:\Windows\system32\VERSION.dll [fFlags=0x0]
1956	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
1957	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=68dd0000 'C:\Windows\system32\msiltcfg.dll'
1958	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\user32.dll'
1959	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000005dc pwszName=\Device\HarddiskVolume2\Windows\System32\msi.dll
1960	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
1961	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
1962	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=07FF9EA1F30B580AAE670896F5C0AC3E635F6C88
1963	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_40_for_KB3008627~31bf3856ad364e35~x86~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msi.dll'
1964	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1965	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1966	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1967	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1968	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
1969	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1970	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1971	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shlwapi.dll'.
1972	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
1973	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msi.dll)WinVerifyTrust
1974	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msi.dll
1975	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1976	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1977	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1978	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1979	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1980	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1981	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1982	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1983	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1984	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1985	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1986	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1987	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1988	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1989	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1990	1620.10b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1991	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1992	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1993	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1994	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1995	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msi.dll (Input=msi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767054:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1996	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msi.dll
1997	1620.10b0: supR3HardenedDllNotificationCallback: load 6ec90000 LB 0x00245000 C:\Windows\system32\msi.dll [fFlags=0x0]
1998	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msi.dll
1999	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6ec90000 'C:\Windows\system32\msi.dll'
2000	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msiltcfg.dll
2001	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msiltcfg.dll (Input=msiltcfg.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00767054:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2002	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=68dd0000 'C:\Windows\system32\msiltcfg.dll'
2003	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76400000 'C:\Windows\system32\gdi32.dll'
2004	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2005	1620.10b0: Error (rc=0):
2006	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=3 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2007	1620.10b0: Error (rc=0):
2008	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2009	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2010	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2011	1620.10b0: Error (rc=0):
2012	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2013	1620.10b0: Error (rc=0):
2014	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2015	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2016	1620.10b0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2017	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007677c4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2018	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2019	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2020	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007677c4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2021	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2022	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2023	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007677c4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2024	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2025	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2026	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007677c4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2027	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2028	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2029	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2030	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=754d0000 'C:\Windows\system32\shell32.dll'
2031	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\user32.dll'
2032	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2033	1620.10b0: Error (rc=0):
2034	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2035	1620.10b0: Error (rc=0):
2036	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2037	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2038	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76780000 'C:\Windows\system32\ADVAPI32.dll'
2039	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2040	1620.10b0: Error (rc=0):
2041	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=6 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2042	1620.10b0: Error (rc=0):
2043	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2044	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2045	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2046	1620.10b0: Error (rc=0):
2047	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=7 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2048	1620.10b0: Error (rc=0):
2049	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2050	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2051	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2052	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007677c4:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2053	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=77060000 'C:\Windows\system32\ole32.dll'
2054	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2055	1620.10b0: Error (rc=0):
2056	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=8 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2057	1620.10b0: Error (rc=0):
2058	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2059	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2060	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2061	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=026dbe14:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2062	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=77060000 'C:\Windows\system32\ole32.dll'
2063	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
2064	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=020ba954:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2065	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76520000 'C:\Windows\system32\MSCTF.dll'
2066	1620.10b0: \Device\HarddiskVolume2\Program Files\Internet Download Manager\idmmkb.dll: Owner is administrators group.
2067	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
2068	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2069	1620.10b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2070	1620.10b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Internet Download Manager\idmmkb.dll)WinVerifyTrust
2071	1620.10b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Internet Download Manager\idmmkb.dll
2072	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2073	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2074	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2075	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2076	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2077	1620.10b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2078	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Internet Download Manager\idmmkb.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00810974:C:\Program Files\Internet Download Manager;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2079	1620.10b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Internet Download Manager\idmmkb.dll
2080	1620.10b0: supR3HardenedDllNotificationCallback: load 10000000 LB 0x00008000 C:\Program Files\Internet Download Manager\idmmkb.dll [fFlags=0x0]
2081	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Internet Download Manager\idmmkb.dll
2082	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=10000000 'C:\Program Files\Internet Download Manager\idmmkb.dll'
2083	1620.10b0: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll' [redir]
2084	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll [redoing WinVerifyTrust]
2085	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000004e0 pwszName=\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
2086	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00769d60
2087	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00769d60
2088	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2DD5817E3C34BF2CE0D876EBC207250E2DB8A3A
2089	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2864058~31bf3856ad364e35~x86~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll'
2090	1620.10b0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2091	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll'
2092	1620.10b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=026dbe14:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2093	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6bb70000 'C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll'
2094	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2095	1620.10b0: Error (rc=0):
2096	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2097	1620.10b0: Error (rc=0):
2098	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2099	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2100	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2101	1620.10b0: Error (rc=0):
2102	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2103	1620.10b0: Error (rc=0):
2104	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2105	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2106	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2107	1620.10b0: Error (rc=0):
2108	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2109	1620.10b0: Error (rc=0):
2110	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2111	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2112	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2113	1620.10b0: Error (rc=0):
2114	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2115	1620.10b0: Error (rc=0):
2116	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2117	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2118	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2119	1620.10b0: Error (rc=0):
2120	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2121	1620.10b0: Error (rc=0):
2122	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2123	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2124	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76450000 'C:\Windows\system32\User32.dll'
2125	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2126	1620.10b0: Error (rc=0):
2127	1620.10b0: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=512 \Device\HarddiskVolume2\Program Files\RocketDock\RocketDock.dll
2128	1620.10b0: Error (rc=0):
2129	1620.10b0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\RocketDock\RocketDock.dll' (C:\Program Files\RocketDock\RocketDock.dll): rcNt=0xc0000190
2130	1620.10b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\RocketDock\RocketDock.dll'
2131	1620.10b0: Terminating the normal way: rcExit=1
2132	3c4.d74: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 9512 ms, the end);
2133	a80.1634: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 9926 ms, the end);

Download in other formats:

Original Format