VBoxHardening.txt

Virtual Box problem - Maszyna wirtualna nie chce się uruchomić.

Witam. Mam problem. Chciałem w Virtual Box uruchomić Windows Serwer 2008 lecz wyskakuje błąd. Plik iso pobrałem z głównej strony Microsoft. Od razu mówię, że jestem w tym zielony. W załączniku podaje zdjęcie błędu oraz logi. Link do strony z której pobierałem plik: https://www.microsoft.com/en-us/download/details.aspx?id=5023 788392

1320.470: Log file opened: 5.1.8r111374 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
1320.470: \SystemRoot\System32\ntdll.dll:
1320.470: CreationTime: 2016-05-11T11:31:51.385414300Z
1320.470: LastWriteTime: 2016-04-09T06:59:27.660769000Z
1320.470: ChangeTime: 2016-05-11T14:02:55.136022200Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x1a7100
1320.470: NT Headers: 0xe0
1320.470: Timestamp: 0x5708a857
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x5708a857
1320.470: Image Version: 6.1
1320.470: SizeOfImage: 0x1aa000 (1744896)
1320.470: Resource Dir: 0x14e000 LB 0x5a028
1320.470: ProductName: Microsoft® Windows® Operating System
1320.470: ProductVersion: 6.1.7601.23418
1320.470: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
1320.470: FileDescription: NT Layer DLL
1320.470: \SystemRoot\System32\kernel32.dll:
1320.470: CreationTime: 2016-05-11T11:31:50.827382300Z
1320.470: LastWriteTime: 2016-04-09T06:57:53.879000000Z
1320.470: ChangeTime: 2016-05-11T14:02:55.994023700Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x11c000
1320.470: NT Headers: 0xe0
1320.470: Timestamp: 0x5708a89b
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x5708a89b
1320.470: Image Version: 6.1
1320.470: SizeOfImage: 0x11f000 (1175552)
1320.470: Resource Dir: 0x116000 LB 0x528
1320.470: ProductName: Microsoft® Windows® Operating System
1320.470: ProductVersion: 6.1.7601.23418
1320.470: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
1320.470: FileDescription: Windows NT BASE API Client DLL
1320.470: \SystemRoot\System32\KernelBase.dll:
1320.470: CreationTime: 2016-05-11T11:31:50.701376200Z
1320.470: LastWriteTime: 2016-04-09T06:57:53.879000000Z
1320.470: ChangeTime: 2016-05-11T14:02:55.994023700Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x66800
1320.470: NT Headers: 0xe8
1320.470: Timestamp: 0x5708a89c
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x5708a89c
1320.470: Image Version: 6.1
1320.470: SizeOfImage: 0x6a000 (434176)
1320.470: Resource Dir: 0x68000 LB 0x530
1320.470: ProductName: Microsoft® Windows® Operating System
1320.470: ProductVersion: 6.1.7601.23418
1320.470: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
1320.470: FileDescription: Windows NT BASE API Client DLL
1320.470: \SystemRoot\System32\apisetschema.dll:
1320.470: CreationTime: 2016-05-11T11:31:45.942557100Z
1320.470: LastWriteTime: 2016-04-09T06:57:48.684000000Z
1320.470: ChangeTime: 2016-05-11T14:02:55.058022100Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x1a00
1320.470: NT Headers: 0xc0
1320.470: Timestamp: 0x5708a835
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x5708a835
1320.470: Image Version: 6.1
1320.470: SizeOfImage: 0x50000 (327680)
1320.470: Resource Dir: 0x30000 LB 0x3f8
1320.470: ProductName: Microsoft® Windows® Operating System
1320.470: ProductVersion: 6.1.7601.23418
1320.470: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
1320.470: FileDescription: ApiSet Schema DLL
1320.470: NtOpenDirectoryObject failed on \Driver: 0xc0000022
1320.470: supR3HardenedWinFindAdversaries: 0x4
1320.470: \SystemRoot\System32\drivers\aswHwid.sys:
1320.470: CreationTime: 2016-04-07T13:17:12.301418500Z
1320.470: LastWriteTime: 2016-09-08T16:39:45.541681000Z
1320.470: ChangeTime: 2016-09-08T16:39:51.035995300Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x9318
1320.470: NT Headers: 0xe8
1320.470: Timestamp: 0x57b5c234
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57b5c234
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0xa000 (40960)
1320.470: Resource Dir: 0x8000 LB 0x388
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.0
1320.470: FileVersion: 12.3.3154.0
1320.470: FileDescription: avast! HWID
1320.470: \SystemRoot\System32\drivers\aswMonFlt.sys:
1320.470: CreationTime: 2016-04-07T13:17:12.977457200Z
1320.470: LastWriteTime: 2016-09-08T16:39:45.579683200Z
1320.470: ChangeTime: 2016-09-08T16:39:51.036995300Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x1a910
1320.470: NT Headers: 0xe8
1320.470: Timestamp: 0x57b5c676
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57b5c676
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0x26000 (155648)
1320.470: Resource Dir: 0x24000 LB 0x3b0
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.0
1320.470: FileVersion: 12.3.3154.0
1320.470: FileDescription: avast! File System Minifilter for Windows 2003/Vista
1320.470: \SystemRoot\System32\drivers\aswRdr2.sys:
1320.470: CreationTime: 2016-04-07T13:17:11.569376700Z
1320.470: LastWriteTime: 2016-09-08T16:39:44.776637200Z
1320.470: ChangeTime: 2016-09-08T16:39:51.036995300Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x19298
1320.470: NT Headers: 0xf0
1320.470: Timestamp: 0x57b5c26a
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57b5c26a
1320.470: Image Version: 6.1
1320.470: SizeOfImage: 0x1a000 (106496)
1320.470: Resource Dir: 0x18000 LB 0x398
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.0
1320.470: FileVersion: 12.3.3154.0 built by: WinDDK
1320.470: FileDescription: avast! WFP Redirect Driver
1320.470: \SystemRoot\System32\drivers\aswRvrt.sys:
1320.470: CreationTime: 2016-04-07T13:17:13.252472900Z
1320.470: LastWriteTime: 2016-09-08T16:39:45.615685200Z
1320.470: ChangeTime: 2016-09-08T16:39:51.036995300Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x12330
1320.470: NT Headers: 0xe8
1320.470: Timestamp: 0x57b5c231
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57b5c231
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0x13000 (77824)
1320.470: Resource Dir: 0x11000 LB 0x388
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.0
1320.470: FileVersion: 12.3.3154.0
1320.470: FileDescription: avast! Revert
1320.470: \SystemRoot\System32\drivers\aswSnx.sys:
1320.470: CreationTime: 2016-04-07T13:17:10.028288500Z
1320.470: LastWriteTime: 2016-09-13T12:27:05.882870500Z
1320.470: ChangeTime: 2016-09-13T12:27:05.882870500Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0xec9e0
1320.470: NT Headers: 0xf8
1320.470: Timestamp: 0x57d6a174
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57d6a174
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0xeb000 (962560)
1320.470: Resource Dir: 0xe4000 LB 0x378
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.8
1320.470: FileVersion: 12.3.3154.8
1320.470: FileDescription: avast! Virtualization Driver
1320.470: \SystemRoot\System32\drivers\aswsp.sys:
1320.470: CreationTime: 2016-04-07T13:17:13.459484800Z
1320.470: LastWriteTime: 2016-09-22T12:30:53.367814300Z
1320.470: ChangeTime: 2016-09-22T12:30:53.367814300Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x7d660
1320.470: NT Headers: 0xf0
1320.470: Timestamp: 0x57d6a695
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57d6a695
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0x80000 (524288)
1320.470: Resource Dir: 0x7e000 LB 0x370
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.8
1320.470: FileVersion: 12.3.3154.8
1320.470: FileDescription: avast! self protection module
1320.470: \SystemRoot\System32\drivers\aswStm.sys:
1320.470: CreationTime: 2016-04-07T13:17:14.049518500Z
1320.470: LastWriteTime: 2016-09-08T16:39:46.017708200Z
1320.470: ChangeTime: 2016-09-08T16:39:51.037995400Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x27e58
1320.470: NT Headers: 0xf8
1320.470: Timestamp: 0x57b5c7ed
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57b5c7ed
1320.470: Image Version: 10.0
1320.470: SizeOfImage: 0x2a000 (172032)
1320.470: Resource Dir: 0x28000 LB 0x350
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.0
1320.470: FileVersion: 12.3.3154.0
1320.470: FileDescription: Stream Filter
1320.470: \SystemRoot\System32\drivers\aswVmm.sys:
1320.470: CreationTime: 2016-04-07T13:17:13.657496100Z
1320.470: LastWriteTime: 2016-10-13T11:20:18.000008000Z
1320.470: ChangeTime: 2016-10-13T11:20:18.000008000Z
1320.470: FileAttributes: 0x20
1320.470: Size: 0x479e8
1320.470: NT Headers: 0xe8
1320.470: Timestamp: 0x57f618bc
1320.470: Machine: 0x8664 - amd64
1320.470: Timestamp: 0x57f618bc
1320.470: Image Version: 6.0
1320.470: SizeOfImage: 0x47000 (290816)
1320.470: Resource Dir: 0x44000 LB 0x398
1320.470: ProductName: Avast Antivirus
1320.470: ProductVersion: 12.3.3154.16
1320.470: FileVersion: 12.3.3154.16
1320.470: FileDescription: avast! VM Monitor
1320.470: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1320.470: Calling main()
1320.470: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1320.470: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1320.470: SUPR3HardenedMain: Respawn #1
1320.470: System32: \Device\HarddiskVolume2\Windows\System32
1320.470: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
1320.470: KnownDllPath: C:\Windows\system32
1320.470: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1320.470: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1320.470: supR3HardNtEnableThreadCreation:
1320.470: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076dfa0e0 pvNtTerminateThread=0000000076e1c060
1320.470: supR3HardenedWinDoReSpawn(1): New child 7d4.b64 [kernel32].
1320.470: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
1320.470: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076dd0000 uNtDllChildAddr=0000000076dd0000
1320.470: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076dfa0e0
1320.470: supR3HardenedWinSetupChildInit: Start child.
1320.470: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1320.470: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
1320.470: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1320.470: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1320.470: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1320.470: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1320.470: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1320.470: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1320.470: 0000000000041000-ffffffffffed1fff 0x0001/0x0000 0x0000000
1320.470: *00000000001b0000-00000000000b3fff 0x0000/0x0004 0x0020000
1320.470: 00000000002ac000-00000000002a9fff 0x0104/0x0004 0x0020000
1320.470: 00000000002ae000-00000000002abfff 0x0004/0x0004 0x0020000
1320.470: 00000000002b0000-ffffffff8978ffff 0x0001/0x0000 0x0000000
1320.470: *0000000076dd0000-0000000076dd0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076dd1000-0000000076ecdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076ece000-0000000076efcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076efd000-0000000076f06fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076f07000-0000000076f07fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076f08000-0000000076f0afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076f0b000-0000000076f79fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1320.470: 0000000076f7a000-000000006ef13fff 0x0001/0x0000 0x0000000
1320.470: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1320.470: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1320.470: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1320.470: 000000007fff0000-ffffffffc0c7ffff 0x0001/0x0000 0x0000000
1320.470: *000000013f360000-000000013f360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f361000-000000013f3cffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f3d0000-000000013f3d0fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f3d1000-000000013f415fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f416000-000000013f416fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f417000-000000013f417fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f418000-000000013f41cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f41d000-000000013f41dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f41e000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f41f000-000000013f422fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f423000-000000013f46afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1320.470: 000000013f46b000-fffff8037f7e5fff 0x0001/0x0000 0x0000000
1320.470: *000007feff0f0000-000007feff0f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
1320.470: 000007feff0f1000-000007fdfe231fff 0x0001/0x0000 0x0000000
1320.470: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1320.470: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
1320.470: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
1320.470: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
1320.470: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1320.470: apisetschema.dll: timestamp 0x5708a835 (rc=VINF_SUCCESS)
1320.470: VirtualBox.exe: timestamp 0x58062715 (rc=VINF_SUCCESS)
1320.470: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1320.470: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
1320.470: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
1320.470: supR3HardNtChildPurify: Done after 543 ms and 0 fixes (loop #0).
7d4.b64: Log file opened: 5.1.8r111374 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
7d4.b64: supR3HardenedVmProcessInit: uNtDllAddr=0000000076dd0000 g_uNtVerCombined=0x611db100
1320.470: supR3HardNtEnableThreadCreation:
7d4.b64: ntdll.dll: timestamp 0x5708a857 (rc=VINF_SUCCESS)
7d4.b64: New simple heap: #1 00000000002b0000 LB 0x400000 (for 1744896 allocation)
7d4.b64: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
7d4.b64: System32: \Device\HarddiskVolume2\Windows\System32
7d4.b64: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
7d4.b64: KnownDllPath: C:\Windows\system32
7d4.b64: supR3HardenedVmProcessInit: Opening vboxdrv stub...
7d4.b64: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
7d4.b64: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
7d4.b64: Registered Dll notification callback with NTDLL.
7d4.b64: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
7d4.b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
7d4.b64: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: & lt; flags & gt; [calling]
7d4.b64: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7d4.b64: supR3HardenedDllNotificationCallback: load 0000000076cb0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
7d4.b64: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7d4.b64: supR3HardenedDllNotificationCallback: load 000007fefccf0000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
7d4.b64: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
7d4.b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
7d4.b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\kernel32.dll'
7d4.b64: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076dfa0e0 pvNtTerminateThread=0000000076e1c060
1320.470: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 26 ms.
7d4.b64: \SystemRoot\System32\ntdll.dll:
7d4.b64: CreationTime: 2016-05-11T11:31:51.385414300Z
7d4.b64: LastWriteTime: 2016-04-09T06:59:27.660769000Z
7d4.b64: ChangeTime: 2016-05-11T14:02:55.136022200Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x1a7100
7d4.b64: NT Headers: 0xe0
7d4.b64: Timestamp: 0x5708a857
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x5708a857
7d4.b64: Image Version: 6.1
7d4.b64: SizeOfImage: 0x1aa000 (1744896)
7d4.b64: Resource Dir: 0x14e000 LB 0x5a028
7d4.b64: ProductName: Microsoft® Windows® Operating System
7d4.b64: ProductVersion: 6.1.7601.23418
7d4.b64: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
7d4.b64: FileDescription: NT Layer DLL
7d4.b64: \SystemRoot\System32\kernel32.dll:
7d4.b64: CreationTime: 2016-05-11T11:31:50.827382300Z
7d4.b64: LastWriteTime: 2016-04-09T06:57:53.879000000Z
7d4.b64: ChangeTime: 2016-05-11T14:02:55.994023700Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x11c000
7d4.b64: NT Headers: 0xe0
7d4.b64: Timestamp: 0x5708a89b
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x5708a89b
7d4.b64: Image Version: 6.1
7d4.b64: SizeOfImage: 0x11f000 (1175552)
7d4.b64: Resource Dir: 0x116000 LB 0x528
7d4.b64: ProductName: Microsoft® Windows® Operating System
7d4.b64: ProductVersion: 6.1.7601.23418
7d4.b64: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
7d4.b64: FileDescription: Windows NT BASE API Client DLL
7d4.b64: \SystemRoot\System32\KernelBase.dll:
7d4.b64: CreationTime: 2016-05-11T11:31:50.701376200Z
7d4.b64: LastWriteTime: 2016-04-09T06:57:53.879000000Z
7d4.b64: ChangeTime: 2016-05-11T14:02:55.994023700Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x66800
7d4.b64: NT Headers: 0xe8
7d4.b64: Timestamp: 0x5708a89c
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x5708a89c
7d4.b64: Image Version: 6.1
7d4.b64: SizeOfImage: 0x6a000 (434176)
7d4.b64: Resource Dir: 0x68000 LB 0x530
7d4.b64: ProductName: Microsoft® Windows® Operating System
7d4.b64: ProductVersion: 6.1.7601.23418
7d4.b64: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
7d4.b64: FileDescription: Windows NT BASE API Client DLL
7d4.b64: \SystemRoot\System32\apisetschema.dll:
7d4.b64: CreationTime: 2016-05-11T11:31:45.942557100Z
7d4.b64: LastWriteTime: 2016-04-09T06:57:48.684000000Z
7d4.b64: ChangeTime: 2016-05-11T14:02:55.058022100Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x1a00
7d4.b64: NT Headers: 0xc0
7d4.b64: Timestamp: 0x5708a835
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x5708a835
7d4.b64: Image Version: 6.1
7d4.b64: SizeOfImage: 0x50000 (327680)
7d4.b64: Resource Dir: 0x30000 LB 0x3f8
7d4.b64: ProductName: Microsoft® Windows® Operating System
7d4.b64: ProductVersion: 6.1.7601.23418
7d4.b64: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
7d4.b64: FileDescription: ApiSet Schema DLL
7d4.b64: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7d4.b64: supR3HardenedWinFindAdversaries: 0x4
7d4.b64: \SystemRoot\System32\drivers\aswHwid.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:12.301418500Z
7d4.b64: LastWriteTime: 2016-09-08T16:39:45.541681000Z
7d4.b64: ChangeTime: 2016-09-08T16:39:51.035995300Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x9318
7d4.b64: NT Headers: 0xe8
7d4.b64: Timestamp: 0x57b5c234
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57b5c234
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0xa000 (40960)
7d4.b64: Resource Dir: 0x8000 LB 0x388
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.0
7d4.b64: FileVersion: 12.3.3154.0
7d4.b64: FileDescription: avast! HWID
7d4.b64: \SystemRoot\System32\drivers\aswMonFlt.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:12.977457200Z
7d4.b64: LastWriteTime: 2016-09-08T16:39:45.579683200Z
7d4.b64: ChangeTime: 2016-09-08T16:39:51.036995300Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x1a910
7d4.b64: NT Headers: 0xe8
7d4.b64: Timestamp: 0x57b5c676
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57b5c676
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0x26000 (155648)
7d4.b64: Resource Dir: 0x24000 LB 0x3b0
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.0
7d4.b64: FileVersion: 12.3.3154.0
7d4.b64: FileDescription: avast! File System Minifilter for Windows 2003/Vista
7d4.b64: \SystemRoot\System32\drivers\aswRdr2.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:11.569376700Z
7d4.b64: LastWriteTime: 2016-09-08T16:39:44.776637200Z
7d4.b64: ChangeTime: 2016-09-08T16:39:51.036995300Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x19298
7d4.b64: NT Headers: 0xf0
7d4.b64: Timestamp: 0x57b5c26a
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57b5c26a
7d4.b64: Image Version: 6.1
7d4.b64: SizeOfImage: 0x1a000 (106496)
7d4.b64: Resource Dir: 0x18000 LB 0x398
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.0
7d4.b64: FileVersion: 12.3.3154.0 built by: WinDDK
7d4.b64: FileDescription: avast! WFP Redirect Driver
7d4.b64: \SystemRoot\System32\drivers\aswRvrt.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:13.252472900Z
7d4.b64: LastWriteTime: 2016-09-08T16:39:45.615685200Z
7d4.b64: ChangeTime: 2016-09-08T16:39:51.036995300Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x12330
7d4.b64: NT Headers: 0xe8
7d4.b64: Timestamp: 0x57b5c231
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57b5c231
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0x13000 (77824)
7d4.b64: Resource Dir: 0x11000 LB 0x388
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.0
7d4.b64: FileVersion: 12.3.3154.0
7d4.b64: FileDescription: avast! Revert
7d4.b64: \SystemRoot\System32\drivers\aswSnx.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:10.028288500Z
7d4.b64: LastWriteTime: 2016-09-13T12:27:05.882870500Z
7d4.b64: ChangeTime: 2016-09-13T12:27:05.882870500Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0xec9e0
7d4.b64: NT Headers: 0xf8
7d4.b64: Timestamp: 0x57d6a174
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57d6a174
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0xeb000 (962560)
7d4.b64: Resource Dir: 0xe4000 LB 0x378
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.8
7d4.b64: FileVersion: 12.3.3154.8
7d4.b64: FileDescription: avast! Virtualization Driver
7d4.b64: \SystemRoot\System32\drivers\aswsp.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:13.459484800Z
7d4.b64: LastWriteTime: 2016-09-22T12:30:53.367814300Z
7d4.b64: ChangeTime: 2016-09-22T12:30:53.367814300Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x7d660
7d4.b64: NT Headers: 0xf0
7d4.b64: Timestamp: 0x57d6a695
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57d6a695
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0x80000 (524288)
7d4.b64: Resource Dir: 0x7e000 LB 0x370
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.8
7d4.b64: FileVersion: 12.3.3154.8
7d4.b64: FileDescription: avast! self protection module
7d4.b64: \SystemRoot\System32\drivers\aswStm.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:14.049518500Z
7d4.b64: LastWriteTime: 2016-09-08T16:39:46.017708200Z
7d4.b64: ChangeTime: 2016-09-08T16:39:51.037995400Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x27e58
7d4.b64: NT Headers: 0xf8
7d4.b64: Timestamp: 0x57b5c7ed
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57b5c7ed
7d4.b64: Image Version: 10.0
7d4.b64: SizeOfImage: 0x2a000 (172032)
7d4.b64: Resource Dir: 0x28000 LB 0x350
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.0
7d4.b64: FileVersion: 12.3.3154.0
7d4.b64: FileDescription: Stream Filter
7d4.b64: \SystemRoot\System32\drivers\aswVmm.sys:
7d4.b64: CreationTime: 2016-04-07T13:17:13.657496100Z
7d4.b64: LastWriteTime: 2016-10-13T11:20:18.000008000Z
7d4.b64: ChangeTime: 2016-10-13T11:20:18.000008000Z
7d4.b64: FileAttributes: 0x20
7d4.b64: Size: 0x479e8
7d4.b64: NT Headers: 0xe8
7d4.b64: Timestamp: 0x57f618bc
7d4.b64: Machine: 0x8664 - amd64
7d4.b64: Timestamp: 0x57f618bc
7d4.b64: Image Version: 6.0
7d4.b64: SizeOfImage: 0x47000 (290816)
7d4.b64: Resource Dir: 0x44000 LB 0x398
7d4.b64: ProductName: Avast Antivirus
7d4.b64: ProductVersion: 12.3.3154.16
7d4.b64: FileVersion: 12.3.3154.16
7d4.b64: FileDescription: avast! VM Monitor
7d4.b64: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
7d4.b64: Calling main()
7d4.b64: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7d4.b64: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
7d4.b64: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7d4.b64: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
7d4.b64: SUPR3HardenedMain: Respawn #2
7d4.b64: supR3HardNtEnableThreadCreation:
7d4.b64: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
7d4.b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
7d4.b64: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: & lt; flags & gt; [calling]
7d4.b64: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
7d4.b64: supR3HardenedDllNotificationCallback: load 000007fefc950000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
7d4.b64: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
7d4.b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc950000 'C:\Windows\system32\apphelp.dll'
7d4.b64: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076dfa0e0 pvNtTerminateThread=0000000076e1c060
7d4.b64: supR3HardenedWinDoReSpawn(2): New child f10.d78 [kernel32].
7d4.b64: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
7d4.b64: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076dd0000 uNtDllChildAddr=0000000076dd0000
7d4.b64: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076dfa0e0
7d4.b64: supR3HardenedWinSetupChildInit: Start child.
7d4.b64: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
7d4.b64: supR3HardNtChildPurify: Startup delay kludge #1/0: 523 ms, 65 sleeps
7d4.b64: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
7d4.b64: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
7d4.b64: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
7d4.b64: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
7d4.b64: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
7d4.b64: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
7d4.b64: 0000000000041000-ffffffffffee1fff 0x0001/0x0000 0x0000000
7d4.b64: *00000000001a0000-00000000000a3fff 0x0000/0x0004 0x0020000
7d4.b64: 000000000029c000-0000000000299fff 0x0104/0x0004 0x0020000
7d4.b64: 000000000029e000-000000000029bfff 0x0004/0x0004 0x0020000
7d4.b64: 00000000002a0000-ffffffff8976ffff 0x0001/0x0000 0x0000000
7d4.b64: *0000000076dd0000-0000000076dd0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076dd1000-0000000076ecdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076ece000-0000000076efcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076efd000-0000000076f06fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076f07000-0000000076f07fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076f08000-0000000076f0afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076f0b000-0000000076f79fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7d4.b64: 0000000076f7a000-000000006ef13fff 0x0001/0x0000 0x0000000
7d4.b64: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
7d4.b64: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
7d4.b64: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
7d4.b64: 000000007fff0000-ffffffffc0c7ffff 0x0001/0x0000 0x0000000
7d4.b64: *000000013f360000-000000013f360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f361000-000000013f3cffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f3d0000-000000013f3d0fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f3d1000-000000013f415fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f416000-000000013f416fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f417000-000000013f417fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f418000-000000013f41cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f41d000-000000013f41dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f41e000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f41f000-000000013f422fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f423000-000000013f46afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
7d4.b64: 000000013f46b000-fffff8037f7e5fff 0x0001/0x0000 0x0000000
7d4.b64: *000007feff0f0000-000007feff0f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
7d4.b64: 000007feff0f1000-000007fdfe231fff 0x0001/0x0000 0x0000000
7d4.b64: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
7d4.b64: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
7d4.b64: *000007fffffdc000-000007fffffdafff 0x0004/0x0004 0x0020000
7d4.b64: 000007fffffdd000-000007fffffdbfff 0x0001/0x0000 0x0000000
7d4.b64: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
7d4.b64: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
7d4.b64: apisetschema.dll: timestamp 0x5708a835 (rc=VINF_SUCCESS)
7d4.b64: VirtualBox.exe: timestamp 0x58062715 (rc=VINF_SUCCESS)
7d4.b64: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7d4.b64: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
7d4.b64: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
7d4.b64: supR3HardNtChildPurify: Done after 547 ms and 0 fixes (loop #0).
f10.d78: Log file opened: 5.1.8r111374 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
f10.d78: supR3HardenedVmProcessInit: uNtDllAddr=0000000076dd0000 g_uNtVerCombined=0x611db100
7d4.b64: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002b0000 LB 0x400000)
7d4.b64: supR3HardNtEnableThreadCreation:
f10.d78: ntdll.dll: timestamp 0x5708a857 (rc=VINF_SUCCESS)
f10.d78: New simple heap: #1 00000000002a0000 LB 0x400000 (for 1744896 allocation)
f10.d78: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f10.d78: System32: \Device\HarddiskVolume2\Windows\System32
f10.d78: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
f10.d78: KnownDllPath: C:\Windows\system32
f10.d78: supR3HardenedVmProcessInit: Opening vboxdrv...
f10.d78: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
f10.d78: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
f10.d78: Registered Dll notification callback with NTDLL.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 0000000076cb0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefccf0000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\kernel32.dll'
f10.d78: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076dfa0e0 pvNtTerminateThread=0000000076e1c060
7d4.b64: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 33 ms.
f10.d78: \SystemRoot\System32\ntdll.dll:
f10.d78: CreationTime: 2016-05-11T11:31:51.385414300Z
f10.d78: LastWriteTime: 2016-04-09T06:59:27.660769000Z
f10.d78: ChangeTime: 2016-05-11T14:02:55.136022200Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x1a7100
f10.d78: NT Headers: 0xe0
f10.d78: Timestamp: 0x5708a857
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x5708a857
f10.d78: Image Version: 6.1
f10.d78: SizeOfImage: 0x1aa000 (1744896)
f10.d78: Resource Dir: 0x14e000 LB 0x5a028
f10.d78: ProductName: Microsoft® Windows® Operating System
f10.d78: ProductVersion: 6.1.7601.23418
f10.d78: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
f10.d78: FileDescription: NT Layer DLL
f10.d78: \SystemRoot\System32\kernel32.dll:
f10.d78: CreationTime: 2016-05-11T11:31:50.827382300Z
f10.d78: LastWriteTime: 2016-04-09T06:57:53.879000000Z
f10.d78: ChangeTime: 2016-05-11T14:02:55.994023700Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x11c000
f10.d78: NT Headers: 0xe0
f10.d78: Timestamp: 0x5708a89b
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x5708a89b
f10.d78: Image Version: 6.1
f10.d78: SizeOfImage: 0x11f000 (1175552)
f10.d78: Resource Dir: 0x116000 LB 0x528
f10.d78: ProductName: Microsoft® Windows® Operating System
f10.d78: ProductVersion: 6.1.7601.23418
f10.d78: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
f10.d78: FileDescription: Windows NT BASE API Client DLL
f10.d78: \SystemRoot\System32\KernelBase.dll:
f10.d78: CreationTime: 2016-05-11T11:31:50.701376200Z
f10.d78: LastWriteTime: 2016-04-09T06:57:53.879000000Z
f10.d78: ChangeTime: 2016-05-11T14:02:55.994023700Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x66800
f10.d78: NT Headers: 0xe8
f10.d78: Timestamp: 0x5708a89c
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x5708a89c
f10.d78: Image Version: 6.1
f10.d78: SizeOfImage: 0x6a000 (434176)
f10.d78: Resource Dir: 0x68000 LB 0x530
f10.d78: ProductName: Microsoft® Windows® Operating System
f10.d78: ProductVersion: 6.1.7601.23418
f10.d78: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
f10.d78: FileDescription: Windows NT BASE API Client DLL
f10.d78: \SystemRoot\System32\apisetschema.dll:
f10.d78: CreationTime: 2016-05-11T11:31:45.942557100Z
f10.d78: LastWriteTime: 2016-04-09T06:57:48.684000000Z
f10.d78: ChangeTime: 2016-05-11T14:02:55.058022100Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x1a00
f10.d78: NT Headers: 0xc0
f10.d78: Timestamp: 0x5708a835
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x5708a835
f10.d78: Image Version: 6.1
f10.d78: SizeOfImage: 0x50000 (327680)
f10.d78: Resource Dir: 0x30000 LB 0x3f8
f10.d78: ProductName: Microsoft® Windows® Operating System
f10.d78: ProductVersion: 6.1.7601.23418
f10.d78: FileVersion: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
f10.d78: FileDescription: ApiSet Schema DLL
f10.d78: NtOpenDirectoryObject failed on \Driver: 0xc0000022
f10.d78: supR3HardenedWinFindAdversaries: 0x4
f10.d78: \SystemRoot\System32\drivers\aswHwid.sys:
f10.d78: CreationTime: 2016-04-07T13:17:12.301418500Z
f10.d78: LastWriteTime: 2016-09-08T16:39:45.541681000Z
f10.d78: ChangeTime: 2016-09-08T16:39:51.035995300Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x9318
f10.d78: NT Headers: 0xe8
f10.d78: Timestamp: 0x57b5c234
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57b5c234
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0xa000 (40960)
f10.d78: Resource Dir: 0x8000 LB 0x388
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.0
f10.d78: FileVersion: 12.3.3154.0
f10.d78: FileDescription: avast! HWID
f10.d78: \SystemRoot\System32\drivers\aswMonFlt.sys:
f10.d78: CreationTime: 2016-04-07T13:17:12.977457200Z
f10.d78: LastWriteTime: 2016-09-08T16:39:45.579683200Z
f10.d78: ChangeTime: 2016-09-08T16:39:51.036995300Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x1a910
f10.d78: NT Headers: 0xe8
f10.d78: Timestamp: 0x57b5c676
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57b5c676
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0x26000 (155648)
f10.d78: Resource Dir: 0x24000 LB 0x3b0
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.0
f10.d78: FileVersion: 12.3.3154.0
f10.d78: FileDescription: avast! File System Minifilter for Windows 2003/Vista
f10.d78: \SystemRoot\System32\drivers\aswRdr2.sys:
f10.d78: CreationTime: 2016-04-07T13:17:11.569376700Z
f10.d78: LastWriteTime: 2016-09-08T16:39:44.776637200Z
f10.d78: ChangeTime: 2016-09-08T16:39:51.036995300Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x19298
f10.d78: NT Headers: 0xf0
f10.d78: Timestamp: 0x57b5c26a
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57b5c26a
f10.d78: Image Version: 6.1
f10.d78: SizeOfImage: 0x1a000 (106496)
f10.d78: Resource Dir: 0x18000 LB 0x398
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.0
f10.d78: FileVersion: 12.3.3154.0 built by: WinDDK
f10.d78: FileDescription: avast! WFP Redirect Driver
f10.d78: \SystemRoot\System32\drivers\aswRvrt.sys:
f10.d78: CreationTime: 2016-04-07T13:17:13.252472900Z
f10.d78: LastWriteTime: 2016-09-08T16:39:45.615685200Z
f10.d78: ChangeTime: 2016-09-08T16:39:51.036995300Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x12330
f10.d78: NT Headers: 0xe8
f10.d78: Timestamp: 0x57b5c231
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57b5c231
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0x13000 (77824)
f10.d78: Resource Dir: 0x11000 LB 0x388
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.0
f10.d78: FileVersion: 12.3.3154.0
f10.d78: FileDescription: avast! Revert
f10.d78: \SystemRoot\System32\drivers\aswSnx.sys:
f10.d78: CreationTime: 2016-04-07T13:17:10.028288500Z
f10.d78: LastWriteTime: 2016-09-13T12:27:05.882870500Z
f10.d78: ChangeTime: 2016-09-13T12:27:05.882870500Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0xec9e0
f10.d78: NT Headers: 0xf8
f10.d78: Timestamp: 0x57d6a174
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57d6a174
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0xeb000 (962560)
f10.d78: Resource Dir: 0xe4000 LB 0x378
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.8
f10.d78: FileVersion: 12.3.3154.8
f10.d78: FileDescription: avast! Virtualization Driver
f10.d78: \SystemRoot\System32\drivers\aswsp.sys:
f10.d78: CreationTime: 2016-04-07T13:17:13.459484800Z
f10.d78: LastWriteTime: 2016-09-22T12:30:53.367814300Z
f10.d78: ChangeTime: 2016-09-22T12:30:53.367814300Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x7d660
f10.d78: NT Headers: 0xf0
f10.d78: Timestamp: 0x57d6a695
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57d6a695
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0x80000 (524288)
f10.d78: Resource Dir: 0x7e000 LB 0x370
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.8
f10.d78: FileVersion: 12.3.3154.8
f10.d78: FileDescription: avast! self protection module
f10.d78: \SystemRoot\System32\drivers\aswStm.sys:
f10.d78: CreationTime: 2016-04-07T13:17:14.049518500Z
f10.d78: LastWriteTime: 2016-09-08T16:39:46.017708200Z
f10.d78: ChangeTime: 2016-09-08T16:39:51.037995400Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x27e58
f10.d78: NT Headers: 0xf8
f10.d78: Timestamp: 0x57b5c7ed
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57b5c7ed
f10.d78: Image Version: 10.0
f10.d78: SizeOfImage: 0x2a000 (172032)
f10.d78: Resource Dir: 0x28000 LB 0x350
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.0
f10.d78: FileVersion: 12.3.3154.0
f10.d78: FileDescription: Stream Filter
f10.d78: \SystemRoot\System32\drivers\aswVmm.sys:
f10.d78: CreationTime: 2016-04-07T13:17:13.657496100Z
f10.d78: LastWriteTime: 2016-10-13T11:20:18.000008000Z
f10.d78: ChangeTime: 2016-10-13T11:20:18.000008000Z
f10.d78: FileAttributes: 0x20
f10.d78: Size: 0x479e8
f10.d78: NT Headers: 0xe8
f10.d78: Timestamp: 0x57f618bc
f10.d78: Machine: 0x8664 - amd64
f10.d78: Timestamp: 0x57f618bc
f10.d78: Image Version: 6.0
f10.d78: SizeOfImage: 0x47000 (290816)
f10.d78: Resource Dir: 0x44000 LB 0x398
f10.d78: ProductName: Avast Antivirus
f10.d78: ProductVersion: 12.3.3154.16
f10.d78: FileVersion: 12.3.3154.16
f10.d78: FileDescription: avast! VM Monitor
f10.d78: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f10.d78: Calling main()
f10.d78: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
f10.d78: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f10.d78: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
f10.d78: SUPR3HardenedMain: Final process, opening VBoxDrv...
f10.d78: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002a0000 LB 0x400000)
f10.d78: supR3HardNtEnableThreadCreation:
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029b721: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef2090000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000298ea1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2090000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000298ea1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2090000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2090000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029d531: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcd90000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefe360000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcb70000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcb20000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefe400000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd90000 'C:\Windows\system32\Wintrust.dll'
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029d531: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefc4a0000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4a0000 'C:\Windows\system32\bcrypt.dll'
f10.d78: bcrypt.dll loaded at 000007fefc4a0000, BCryptOpenAlgorithmProvider at 000007fefc4a2640, preloading providers:
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029d521: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefbf50000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefced0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd580000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf50000 'C:\Windows\system32\bcryptprimitives.dll'
f10.d78: BCryptOpenAlgorithmProvider(,'MD2',0,0) - & gt; 0x0 (hAlgo=000000000080b980)
f10.d78: BCryptOpenAlgorithmProvider(,'MD4',0,0) - & gt; 0x0 (hAlgo=000000000080d840)
f10.d78: BCryptOpenAlgorithmProvider(,'MD5',0,0) - & gt; 0x0 (hAlgo=000000000080d960)
f10.d78: BCryptOpenAlgorithmProvider(,'SHA1',0,0) - & gt; 0x0 (hAlgo=000000000080db70)
f10.d78: BCryptOpenAlgorithmProvider(,'SHA256',0,0) - & gt; 0x0 (hAlgo=000000000080dc90)
f10.d78: BCryptOpenAlgorithmProvider(,'SHA512',0,0) - & gt; 0x0 (hAlgo=000000000080ddb0)
f10.d78: BCryptOpenAlgorithmProvider(,'RSA',0,0) - & gt; 0x0 (hAlgo=000000000080dff0)
f10.d78: BCryptOpenAlgorithmProvider(,'DSA',0,0) - & gt; 0x0 (hAlgo=000000000080e110)
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029d081: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefc310000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc310000 'C:\Windows\system32\CRYPTSP.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029d011: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefc010000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc010000 'C:\Windows\system32\rsaenh.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c8a1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\ADVAPI32.dll'
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cc21: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefc9b0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\Windows\system32\CRYPTBASE.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c651: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\kernel32.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cfe1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd90000 'C:\Windows\system32\WINTRUST.DLL'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029ce11: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb70000 'C:\Windows\system32\CRYPT32.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029ce61: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007feff0b0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff0b0000 'C:\Windows\system32\imagehlp.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cfb1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc310000 'C:\Windows\system32\CRYPTSP.dll'
f10.d78: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is administrators group.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cae1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 0000000076bb0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcfb0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007feff0d0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefede0000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029bfe1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfb0000 'C:\Windows\system32\gdi32.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029b921: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd5a0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefefa0000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5a0000 'C:\Windows\system32\IMM32.DLL'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076bb0000 'C:\Windows\system32\USER32.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cde1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefc4d0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4d0000 'C:\Windows\system32\ncrypt.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029cbd1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4a0000 'C:\Windows\system32\bcrypt.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c591: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcb50000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcb10000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb50000 'C:\Windows\system32\USERENV.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c2f1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c681: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c8b1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefbdd0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbdd0000 'C:\Windows\system32\GPAPI.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c801: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-WIN-Service-Management-L1-1-0.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029bf01: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe400000 'C:\Windows\system32\rpcrt4.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c7e1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-WIN-Service-Management-L2-1-0.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c7f1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c2d1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef8210000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefe710000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000029b501: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8210000 'C:\Windows\system32\cryptnet.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029bc61: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029bc61: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb10000 'C:\Windows\system32\profapi.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029b701: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd480000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd480000 'C:\Windows\system32\SHLWAPI.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B2074603B390BFFDF065F1D99436E162DA01247
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c5a1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c101: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-WIN-Service-Management-L1-1-0.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c101: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c5a1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\ADVAPI32.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c551: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000029c241: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd580000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\SystemRoot\System32\ntdll.dll'
f10.d78: g_pfnWinVerifyTrust=000007fefcd91010
f10.d78: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
f10.d78: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=756DC088EE40CF9369C990D71B200F3CB59FC35D
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000260 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EBDAA16C3FD93DFF9C20BA3B2689DFF4C8D31061
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3159398~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b4 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=400BD4B2DBFD7AD5A411C80DDBE71D9B6FC950B3
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3167679~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31498ABFB06219E83141E0AA8B2A55C4CECFD033
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B248FC58436AAEFEF00A75FCE0F004E89F8C7F94
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164033~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C26B6C5525D45228994D185B3C08A3BC03FF6AFF
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164035~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7DC496F06553DAC9BBB7B106A5859A9B7459010
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash - & gt; 1168; iCat=0x0)
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7DC496F06553DAC9BBB7B106A5859A9B7459010
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000896680
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896680
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=72ED1EBF7CCEC3B4314BFD42BB8BEA0BB256C4D51D36CAB5E46777893F257BB3
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1168)
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; -22900 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000134 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E651DBB639B140C0B4301B4359E8081FB26257F6
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3167679~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=39D43404454E9187689A82DF7C071193F419224E
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_150_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCD6945FCF359C683136C34A509A29AE196CFAF5
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB3167679~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7692F3D670BDC0FC9E32BAA19C7AB6DDD55F2067
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CD16A55718A266ABD00ED5A81A94217318BED5ED
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3153171~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c051: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb70000 'C:\Windows\system32\crypt32.dll'
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xcc85a32f976de00 OU=generated by avast! antivirus for SSL/TLS scanning, O=avast! Web/Mail Shield, CN=avast! Web/Mail Shield Root
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
f10.d78: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
f10.d78: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=44
f10.d78: SUPR3HardenedMain: Load Runtime...
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000414 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=901DCB8172024F14E25295BF5692180F12FC8C18
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000424 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c371: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feed890000 LB 0x00527000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedDllNotificationCallback: load 0000000064430000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedDllNotificationCallback: load 0000000064390000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefeeb0000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd3d0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000299ab1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feed890000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029ded1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd90000 'C:\Windows\system32\Wintrust.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029ca31: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb70000 'C:\Windows\system32\crypt32.dll'
f10.d78: SUPR3HardenedMain: Load TrustedMain...
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000478 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000460 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C3BC5EE6972BF0BFEF4A099CB82428B9B682CAD7
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3139940~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000047c pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=796B1965C19A0614793EA3630408324B2CFA32D2
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3146706~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000048c pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DE1A96FE7B52C00A8B93CF46620182B88752297B
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB3123862~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume2\Windows\System32\mpr.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\mpr.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000450 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' - & gt; '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b4 pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\user32.dll
f10.d78: Error (rc=0):
f10.d78: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Windows\System32\user32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a8 pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F3F3D4867E9140896E0742D7EE8AE1D01FE85ECE
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EB130FE5667C75A1CCDD15015B9391131942AA9
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3164033~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f4 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029c381: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feecfa0000 LB 0x008e3000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feedfe0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feecf70000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feece70000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef2080000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefe530000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcdf0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd020000 LB 0x000d8000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefe900000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefcd70000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefacd0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 0000000063e30000 LB 0x00553000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefd5d0000 LB 0x00d8c000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef9800000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feec8c0000 LB 0x005a1000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 00000000638e0000 LB 0x0054f000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feec860000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef9840000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefef00000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef98c0000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
f10.d78: supR3HardenedDllNotificationCallback: load 0000000063880000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fef9960000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
f10.d78: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
f10.d78: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029b951: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5a0000 'C:\Windows\system32\imm32.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\ADVAPI32.DLL'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\Windows\system32\cryptbase.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecfa0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
f10.d78: SUPR3HardenedMain: Calling TrustedMain (000007feecfa1610)...
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029df11: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe900000 'C:\Windows\system32\ole32.dll'
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\ADVAPI32.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e731: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5d0000 'C:\Windows\system32\shell32.dll'
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'imm32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'winmm.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' - & gt; '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e8c1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007feec730000 LB 0x00127000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec730000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005a4 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000896380
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust = & gt; 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
f10.d78: supR3HardNtViCallWinVerifyTrustCatFile - & gt; 0 (org 22900)
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
f10.d78: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
f10.d78: supHardenedWinVerifyImageByHandle: - & gt; 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
f10.d78: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
f10.d78: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' - & gt; '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e8b1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedDllNotificationCallback: load 000007fefb200000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb200000 'C:\Windows\system32\uxtheme.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e2f1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb200000 'C:\Windows\system32\uxtheme.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e061: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb200000 'C:\Windows\system32\uxtheme.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e061: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb200000 'C:\Windows\system32\uxtheme.dll'
f10.d78: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
f10.d78: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000029e7f1: & lt; flags & gt; [calling]
f10.d78: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\Windows\system32\CRYPTBASE.dll'
7d4.b64: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1266 ms, the end);
1320.470: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1889 ms, the end);