Ticket #13807: VBoxStartup.log

File VBoxStartup.log, 287.2 KB (added by mnman, 10 years ago)

Line
1	1080.1084: Log file opened: 4.3.21r97963 g_hStartupLog=00000000000000c0 g_uNtVerCombined=0x611db110
2	1080.1084: \SystemRoot\System32\ntdll.dll:
3	1080.1084: CreationTime: 2013-10-11T00:27:08.898984800Z
4	1080.1084: LastWriteTime: 2013-08-29T02:16:35.515578900Z
5	1080.1084: ChangeTime: 2014-12-15T16:32:10.938403200Z
6	1080.1084: FileAttributes: 0x20
7	1080.1084: Size: 0x1a6dc0
8	1080.1084: NT Headers: 0xe0
9	1080.1084: Timestamp: 0x521eaf24
10	1080.1084: Machine: 0x8664 - amd64
11	1080.1084: Timestamp: 0x521eaf24
12	1080.1084: Image Version: 6.1
13	1080.1084: SizeOfImage: 0x1a9000 (1740800)
14	1080.1084: Resource Dir: 0x151000 LB 0x560d8
15	1080.1084: ProductName: Microsoft® Windows® Operating System
16	1080.1084: ProductVersion: 6.1.7601.18247
17	1080.1084: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
18	1080.1084: FileDescription: NT Layer DLL
19	1080.1084: \SystemRoot\System32\kernel32.dll:
20	1080.1084: CreationTime: 2014-04-08T17:52:11.563330500Z
21	1080.1084: LastWriteTime: 2014-03-04T09:44:00.336000000Z
22	1080.1084: ChangeTime: 2014-12-15T16:32:06.941796100Z
23	1080.1084: FileAttributes: 0x20
24	1080.1084: Size: 0x11c000
25	1080.1084: NT Headers: 0xe8
26	1080.1084: Timestamp: 0x5315a059
27	1080.1084: Machine: 0x8664 - amd64
28	1080.1084: Timestamp: 0x5315a059
29	1080.1084: Image Version: 6.1
30	1080.1084: SizeOfImage: 0x11f000 (1175552)
31	1080.1084: Resource Dir: 0x116000 LB 0x528
32	1080.1084: ProductName: Microsoft® Windows® Operating System
33	1080.1084: ProductVersion: 6.1.7601.18409
34	1080.1084: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35	1080.1084: FileDescription: Windows NT BASE API Client DLL
36	1080.1084: \SystemRoot\System32\KernelBase.dll:
37	1080.1084: CreationTime: 2014-05-14T14:19:49.655911900Z
38	1080.1084: LastWriteTime: 2014-03-04T09:44:00.336000000Z
39	1080.1084: ChangeTime: 2014-12-15T16:32:06.972996100Z
40	1080.1084: FileAttributes: 0x20
41	1080.1084: Size: 0x67c00
42	1080.1084: NT Headers: 0xe8
43	1080.1084: Timestamp: 0x5315a05a
44	1080.1084: Machine: 0x8664 - amd64
45	1080.1084: Timestamp: 0x5315a05a
46	1080.1084: Image Version: 6.1
47	1080.1084: SizeOfImage: 0x6c000 (442368)
48	1080.1084: Resource Dir: 0x6a000 LB 0x530
49	1080.1084: ProductName: Microsoft® Windows® Operating System
50	1080.1084: ProductVersion: 6.1.7601.18409
51	1080.1084: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52	1080.1084: FileDescription: Windows NT BASE API Client DLL
53	1080.1084: \SystemRoot\System32\apisetschema.dll:
54	1080.1084: CreationTime: 2013-09-13T00:27:27.125703100Z
55	1080.1084: LastWriteTime: 2013-08-02T02:12:20.275000000Z
56	1080.1084: ChangeTime: 2014-12-15T16:32:16.182012500Z
57	1080.1084: FileAttributes: 0x20
58	1080.1084: Size: 0x1a00
59	1080.1084: NT Headers: 0xc0
60	1080.1084: Timestamp: 0x51fb15ca
61	1080.1084: Machine: 0x8664 - amd64
62	1080.1084: Timestamp: 0x51fb15ca
63	1080.1084: Image Version: 6.1
64	1080.1084: SizeOfImage: 0x50000 (327680)
65	1080.1084: Resource Dir: 0x30000 LB 0x3f8
66	1080.1084: ProductName: Microsoft® Windows® Operating System
67	1080.1084: ProductVersion: 6.1.7601.18229
68	1080.1084: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
69	1080.1084: FileDescription: ApiSet Schema DLL
70	1080.1084: Found driver NisDrv (0x400)
71	1080.1084: supR3HardenedWinFindAdversaries: 0x480
72	1080.1084: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
73	1080.1084: CreationTime: 2014-08-29T14:06:38.460628200Z
74	1080.1084: LastWriteTime: 2015-01-29T06:47:45.918771800Z
75	1080.1084: ChangeTime: 2015-01-29T06:47:45.918771800Z
76	1080.1084: FileAttributes: 0x20
77	1080.1084: Size: 0x1fad8
78	1080.1084: NT Headers: 0xd8
79	1080.1084: Timestamp: 0x541caaaf
80	1080.1084: Machine: 0x8664 - amd64
81	1080.1084: Timestamp: 0x541caaaf
82	1080.1084: Image Version: 6.1
83	1080.1084: SizeOfImage: 0x23000 (143360)
84	1080.1084: Resource Dir: 0x22000 LB 0x3f0
85	1080.1084: ProductName: Malwarebytes Anti-Malware
86	1080.1084: ProductVersion: 0.2.13.0
87	1080.1084: FileVersion: 0.2.13.0
88	1080.1084: FileDescription: Malwarebytes Anti-Malware
89	1080.1084: \SystemRoot\System32\drivers\mwac.sys:
90	1080.1084: CreationTime: 2014-08-29T14:06:17.837392200Z
91	1080.1084: LastWriteTime: 2014-11-21T12:14:22.000000000Z
92	1080.1084: ChangeTime: 2014-12-05T05:38:29.313527300Z
93	1080.1084: FileAttributes: 0x20
94	1080.1084: Size: 0xf8d8
95	1080.1084: NT Headers: 0xf8
96	1080.1084: Timestamp: 0x53a0f42a
97	1080.1084: Machine: 0x8664 - amd64
98	1080.1084: Timestamp: 0x53a0f42a
99	1080.1084: Image Version: 6.2
100	1080.1084: SizeOfImage: 0x12000 (73728)
101	1080.1084: Resource Dir: 0x10000 LB 0x3e0
102	1080.1084: ProductName: Malwarebytes Web Access Control
103	1080.1084: ProductVersion: 1.0.6.0
104	1080.1084: FileVersion: 1.0.6.0
105	1080.1084: FileDescription: Malwarebytes Web Access Control
106	1080.1084: \SystemRoot\System32\drivers\mbamchameleon.sys:
107	1080.1084: CreationTime: 2014-08-29T14:06:17.868592300Z
108	1080.1084: LastWriteTime: 2014-11-21T12:14:12.000000000Z
109	1080.1084: ChangeTime: 2014-12-05T05:38:29.516327600Z
110	1080.1084: FileAttributes: 0x20
111	1080.1084: Size: 0x16cd8
112	1080.1084: NT Headers: 0xe0
113	1080.1084: Timestamp: 0x53f2136a
114	1080.1084: Machine: 0x8664 - amd64
115	1080.1084: Timestamp: 0x53f2136a
116	1080.1084: Image Version: 6.1
117	1080.1084: SizeOfImage: 0x1a000 (106496)
118	1080.1084: Resource Dir: 0x18000 LB 0xbd0
119	1080.1084: ProductName: Malwarebytes Chameleon
120	1080.1084: ProductVersion: 1.1.4.0
121	1080.1084: FileVersion: 1.1.4.0
122	1080.1084: FileDescription: Malwarebytes Chameleon Protection Driver
123	1080.1084: \SystemRoot\System32\drivers\mbam.sys:
124	1080.1084: CreationTime: 2014-08-29T14:06:17.821792200Z
125	1080.1084: LastWriteTime: 2014-11-21T12:14:08.000000000Z
126	1080.1084: ChangeTime: 2014-12-05T05:38:29.297927200Z
127	1080.1084: FileAttributes: 0x20
128	1080.1084: Size: 0x64d8
129	1080.1084: NT Headers: 0xd8
130	1080.1084: Timestamp: 0x540754e1
131	1080.1084: Machine: 0x8664 - amd64
132	1080.1084: Timestamp: 0x540754e1
133	1080.1084: Image Version: 6.1
134	1080.1084: SizeOfImage: 0xa000 (40960)
135	1080.1084: Resource Dir: 0x8000 LB 0x3d0
136	1080.1084: ProductName: Malwarebytes Anti-Malware
137	1080.1084: ProductVersion: 0.1.15.0
138	1080.1084: FileVersion: 0.1.15.0
139	1080.1084: FileDescription: Malwarebytes Anti-Malware
140	1080.1084: \SystemRoot\System32\drivers\MpFilter.sys:
141	1080.1084: CreationTime: 2014-07-17T23:05:06.000000000Z
142	1080.1084: LastWriteTime: 2014-07-17T23:05:06.000000000Z
143	1080.1084: ChangeTime: 2014-09-09T23:22:15.541298400Z
144	1080.1084: FileAttributes: 0x20
145	1080.1084: Size: 0x41ad0
146	1080.1084: NT Headers: 0xf0
147	1080.1084: Timestamp: 0x53bdfdba
148	1080.1084: Machine: 0x8664 - amd64
149	1080.1084: Timestamp: 0x53bdfdba
150	1080.1084: Image Version: 6.3
151	1080.1084: SizeOfImage: 0x42000 (270336)
152	1080.1084: Resource Dir: 0x40000 LB 0xd50
153	1080.1084: ProductName: Microsoft Malware Protection
154	1080.1084: ProductVersion: 4.6.0300.0
155	1080.1084: FileVersion: 4.6.0300.0
156	1080.1084: FileDescription: Microsoft antimalware file system filter driver
157	1080.1084: \SystemRoot\System32\drivers\NisDrvWFP.sys:
158	1080.1084: CreationTime: 2014-03-11T14:52:30.000000000Z
159	1080.1084: LastWriteTime: 2014-07-17T23:05:06.000000000Z
160	1080.1084: ChangeTime: 2014-09-09T23:22:14.801256100Z
161	1080.1084: FileAttributes: 0x20
162	1080.1084: Size: 0x1ea90
163	1080.1084: NT Headers: 0xe0
164	1080.1084: Timestamp: 0x53bdfde3
165	1080.1084: Machine: 0x8664 - amd64
166	1080.1084: Timestamp: 0x53bdfde3
167	1080.1084: Image Version: 6.3
168	1080.1084: SizeOfImage: 0x1f000 (126976)
169	1080.1084: Resource Dir: 0x1c000 LB 0x1b90
170	1080.1084: ProductName: Microsoft Malware Protection
171	1080.1084: ProductVersion: 4.6.0300.0
172	1080.1084: FileVersion: 4.6.0300.0
173	1080.1084: FileDescription: Microsoft Network Realtime Inspection Driver
174	1080.1084: Calling main()
175	1080.1084: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
176	1080.1084: SUPR3HardenedMain: Respawn #1
177	1080.1084: System32: \Device\HarddiskVolume2\Windows\System32
178	1080.1084: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
179	1080.1084: KnownDllPath: C:\Windows\system32
180	1080.1084: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
181	1080.1084: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
182	1080.1084: supR3HardNtEnableThreadCreation:
183	1080.1084: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007773c340 pvNtTerminateThread=00000000777617e0
184	1080.1084: supR3HardenedWinDoReSpawn(1): New child 1088.108c [kernel32].
185	1080.1084: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd4000 cbPeb=0x380
186	1080.1084: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077710000 uNtDllChildAddr=0000000077710000
187	1080.1084: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007773c340
188	1080.1084: supR3HardenedWinSetupChildInit: Start child.
189	1080.1084: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 10 ms.
190	1080.1084: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
191	1080.1084: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
192	1080.1084: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
193	1080.1084: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
194	1080.1084: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
195	1080.1084: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
196	1080.1084: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
197	1080.1084: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
198	1080.1084: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
199	1080.1084: 0000000000051000-ffffffffffee1fff 0x0001/0x0000 0x0000000
200	1080.1084: *00000000001c0000-00000000000c3fff 0x0000/0x0004 0x0020000
201	1080.1084: 00000000002bc000-00000000002b8fff 0x0104/0x0004 0x0020000
202	1080.1084: 00000000002bf000-00000000002bdfff 0x0004/0x0004 0x0020000
203	1080.1084: 00000000002c0000-ffffffff88e6ffff 0x0001/0x0000 0x0000000
204	1080.1084: *0000000077710000-000000007770efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
205	1080.1084: 0000000077711000-000000007760efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
206	1080.1084: 0000000077813000-00000000777e3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
207	1080.1084: 0000000077842000-0000000077839fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
208	1080.1084: 000000007784a000-0000000077848fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
209	1080.1084: 000000007784b000-0000000077847fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
210	1080.1084: 000000007784e000-00000000777e2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
211	1080.1084: 00000000778b9000-0000000070191fff 0x0001/0x0000 0x0000000
212	1080.1084: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
213	1080.1084: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
214	1080.1084: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
215	1080.1084: 000000007fff0000-ffffffffc0a5ffff 0x0001/0x0000 0x0000000
216	1080.1084: *000000013f580000-000000013f57efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
217	1080.1084: 000000013f581000-000000013f4fcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
218	1080.1084: 000000013f605000-000000013f603fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
219	1080.1084: 000000013f606000-000000013f5c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
220	1080.1084: 000000013f643000-000000013f641fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
221	1080.1084: 000000013f644000-000000013f642fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
222	1080.1084: 000000013f645000-000000013f642fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
223	1080.1084: 000000013f647000-000000013f645fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
224	1080.1084: 000000013f648000-000000013f646fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
225	1080.1084: 000000013f649000-000000013f644fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
226	1080.1084: 000000013f64d000-000000013f613fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
227	1080.1084: 000000013f686000-fffff8037f2dbfff 0x0001/0x0000 0x0000000
228	1080.1084: *000007feffa30000-000007feffa2efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
229	1080.1084: 000007feffa31000-000007fdff4b1fff 0x0001/0x0000 0x0000000
230	1080.1084: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
231	1080.1084: 000007fffffd3000-000007fffffd1fff 0x0001/0x0000 0x0000000
232	1080.1084: *000007fffffd4000-000007fffffd2fff 0x0004/0x0004 0x0020000
233	1080.1084: 000007fffffd5000-000007fffffcbfff 0x0001/0x0000 0x0000000
234	1080.1084: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
235	1080.1084: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
236	1080.1084: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
237	1080.1084: VirtualBox.exe: timestamp 0x54cb639b (rc=VINF_SUCCESS)
238	1080.1084: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
239	1080.1084: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
240	1080.1084: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
241	1080.1084: supR3HardNtChildPurify: Done after 540 ms and 0 fixes (loop #0).
242	1080.1084: supR3HardNtEnableThreadCreation:
243	1088.108c: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
244	1088.108c: supR3HardenedVmProcessInit: uNtDllAddr=0000000077710000
245	1088.108c: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
246	1088.108c: New simple heap: #1 00000000002c0000 LB 0x400000 (for 1740800 allocation)
247	1088.108c: System32: \Device\HarddiskVolume2\Windows\System32
248	1088.108c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
249	1088.108c: KnownDllPath: C:\Windows\system32
250	1088.108c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
251	1088.108c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
252	1088.108c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
253	1088.108c: Registered Dll notification callback with NTDLL.
254	1088.108c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
255	1088.108c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
256	1088.108c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
257	1088.108c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
258	1088.108c: supR3HardenedDllNotificationCallback: load 00000000774f0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
259	1088.108c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
260	1088.108c: supR3HardenedDllNotificationCallback: load 000007fefd7d0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
261	1088.108c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
262	1088.108c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
263	1088.108c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774f0000 'C:\Windows\system32\kernel32.dll'
264	1088.108c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007773c340 pvNtTerminateThread=00000000777617e0
265	1080.1084: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 50 ms.
266	1088.108c: \SystemRoot\System32\ntdll.dll:
267	1088.108c: CreationTime: 2013-10-11T00:27:08.898984800Z
268	1088.108c: LastWriteTime: 2013-08-29T02:16:35.515578900Z
269	1088.108c: ChangeTime: 2014-12-15T16:32:10.938403200Z
270	1088.108c: FileAttributes: 0x20
271	1088.108c: Size: 0x1a6dc0
272	1088.108c: NT Headers: 0xe0
273	1088.108c: Timestamp: 0x521eaf24
274	1088.108c: Machine: 0x8664 - amd64
275	1088.108c: Timestamp: 0x521eaf24
276	1088.108c: Image Version: 6.1
277	1088.108c: SizeOfImage: 0x1a9000 (1740800)
278	1088.108c: Resource Dir: 0x151000 LB 0x560d8
279	1088.108c: ProductName: Microsoft® Windows® Operating System
280	1088.108c: ProductVersion: 6.1.7601.18247
281	1088.108c: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
282	1088.108c: FileDescription: NT Layer DLL
283	1088.108c: \SystemRoot\System32\kernel32.dll:
284	1088.108c: CreationTime: 2014-04-08T17:52:11.563330500Z
285	1088.108c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
286	1088.108c: ChangeTime: 2014-12-15T16:32:06.941796100Z
287	1088.108c: FileAttributes: 0x20
288	1088.108c: Size: 0x11c000
289	1088.108c: NT Headers: 0xe8
290	1088.108c: Timestamp: 0x5315a059
291	1088.108c: Machine: 0x8664 - amd64
292	1088.108c: Timestamp: 0x5315a059
293	1088.108c: Image Version: 6.1
294	1088.108c: SizeOfImage: 0x11f000 (1175552)
295	1088.108c: Resource Dir: 0x116000 LB 0x528
296	1088.108c: ProductName: Microsoft® Windows® Operating System
297	1088.108c: ProductVersion: 6.1.7601.18409
298	1088.108c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
299	1088.108c: FileDescription: Windows NT BASE API Client DLL
300	1088.108c: \SystemRoot\System32\KernelBase.dll:
301	1088.108c: CreationTime: 2014-05-14T14:19:49.655911900Z
302	1088.108c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
303	1088.108c: ChangeTime: 2014-12-15T16:32:06.972996100Z
304	1088.108c: FileAttributes: 0x20
305	1088.108c: Size: 0x67c00
306	1088.108c: NT Headers: 0xe8
307	1088.108c: Timestamp: 0x5315a05a
308	1088.108c: Machine: 0x8664 - amd64
309	1088.108c: Timestamp: 0x5315a05a
310	1088.108c: Image Version: 6.1
311	1088.108c: SizeOfImage: 0x6c000 (442368)
312	1088.108c: Resource Dir: 0x6a000 LB 0x530
313	1088.108c: ProductName: Microsoft® Windows® Operating System
314	1088.108c: ProductVersion: 6.1.7601.18409
315	1088.108c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
316	1088.108c: FileDescription: Windows NT BASE API Client DLL
317	1088.108c: \SystemRoot\System32\apisetschema.dll:
318	1088.108c: CreationTime: 2013-09-13T00:27:27.125703100Z
319	1088.108c: LastWriteTime: 2013-08-02T02:12:20.275000000Z
320	1088.108c: ChangeTime: 2014-12-15T16:32:16.182012500Z
321	1088.108c: FileAttributes: 0x20
322	1088.108c: Size: 0x1a00
323	1088.108c: NT Headers: 0xc0
324	1088.108c: Timestamp: 0x51fb15ca
325	1088.108c: Machine: 0x8664 - amd64
326	1088.108c: Timestamp: 0x51fb15ca
327	1088.108c: Image Version: 6.1
328	1088.108c: SizeOfImage: 0x50000 (327680)
329	1088.108c: Resource Dir: 0x30000 LB 0x3f8
330	1088.108c: ProductName: Microsoft® Windows® Operating System
331	1088.108c: ProductVersion: 6.1.7601.18229
332	1088.108c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
333	1088.108c: FileDescription: ApiSet Schema DLL
334	1088.108c: Found driver NisDrv (0x400)
335	1088.108c: supR3HardenedWinFindAdversaries: 0x480
336	1088.108c: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
337	1088.108c: CreationTime: 2014-08-29T14:06:38.460628200Z
338	1088.108c: LastWriteTime: 2015-01-29T06:47:45.918771800Z
339	1088.108c: ChangeTime: 2015-01-29T06:47:45.918771800Z
340	1088.108c: FileAttributes: 0x20
341	1088.108c: Size: 0x1fad8
342	1088.108c: NT Headers: 0xd8
343	1088.108c: Timestamp: 0x541caaaf
344	1088.108c: Machine: 0x8664 - amd64
345	1088.108c: Timestamp: 0x541caaaf
346	1088.108c: Image Version: 6.1
347	1088.108c: SizeOfImage: 0x23000 (143360)
348	1088.108c: Resource Dir: 0x22000 LB 0x3f0
349	1088.108c: ProductName: Malwarebytes Anti-Malware
350	1088.108c: ProductVersion: 0.2.13.0
351	1088.108c: FileVersion: 0.2.13.0
352	1088.108c: FileDescription: Malwarebytes Anti-Malware
353	1088.108c: \SystemRoot\System32\drivers\mwac.sys:
354	1088.108c: CreationTime: 2014-08-29T14:06:17.837392200Z
355	1088.108c: LastWriteTime: 2014-11-21T12:14:22.000000000Z
356	1088.108c: ChangeTime: 2014-12-05T05:38:29.313527300Z
357	1088.108c: FileAttributes: 0x20
358	1088.108c: Size: 0xf8d8
359	1088.108c: NT Headers: 0xf8
360	1088.108c: Timestamp: 0x53a0f42a
361	1088.108c: Machine: 0x8664 - amd64
362	1088.108c: Timestamp: 0x53a0f42a
363	1088.108c: Image Version: 6.2
364	1088.108c: SizeOfImage: 0x12000 (73728)
365	1088.108c: Resource Dir: 0x10000 LB 0x3e0
366	1088.108c: ProductName: Malwarebytes Web Access Control
367	1088.108c: ProductVersion: 1.0.6.0
368	1088.108c: FileVersion: 1.0.6.0
369	1088.108c: FileDescription: Malwarebytes Web Access Control
370	1088.108c: \SystemRoot\System32\drivers\mbamchameleon.sys:
371	1088.108c: CreationTime: 2014-08-29T14:06:17.868592300Z
372	1088.108c: LastWriteTime: 2014-11-21T12:14:12.000000000Z
373	1088.108c: ChangeTime: 2014-12-05T05:38:29.516327600Z
374	1088.108c: FileAttributes: 0x20
375	1088.108c: Size: 0x16cd8
376	1088.108c: NT Headers: 0xe0
377	1088.108c: Timestamp: 0x53f2136a
378	1088.108c: Machine: 0x8664 - amd64
379	1088.108c: Timestamp: 0x53f2136a
380	1088.108c: Image Version: 6.1
381	1088.108c: SizeOfImage: 0x1a000 (106496)
382	1088.108c: Resource Dir: 0x18000 LB 0xbd0
383	1088.108c: ProductName: Malwarebytes Chameleon
384	1088.108c: ProductVersion: 1.1.4.0
385	1088.108c: FileVersion: 1.1.4.0
386	1088.108c: FileDescription: Malwarebytes Chameleon Protection Driver
387	1088.108c: \SystemRoot\System32\drivers\mbam.sys:
388	1088.108c: CreationTime: 2014-08-29T14:06:17.821792200Z
389	1088.108c: LastWriteTime: 2014-11-21T12:14:08.000000000Z
390	1088.108c: ChangeTime: 2014-12-05T05:38:29.297927200Z
391	1088.108c: FileAttributes: 0x20
392	1088.108c: Size: 0x64d8
393	1088.108c: NT Headers: 0xd8
394	1088.108c: Timestamp: 0x540754e1
395	1088.108c: Machine: 0x8664 - amd64
396	1088.108c: Timestamp: 0x540754e1
397	1088.108c: Image Version: 6.1
398	1088.108c: SizeOfImage: 0xa000 (40960)
399	1088.108c: Resource Dir: 0x8000 LB 0x3d0
400	1088.108c: ProductName: Malwarebytes Anti-Malware
401	1088.108c: ProductVersion: 0.1.15.0
402	1088.108c: FileVersion: 0.1.15.0
403	1088.108c: FileDescription: Malwarebytes Anti-Malware
404	1088.108c: \SystemRoot\System32\drivers\MpFilter.sys:
405	1088.108c: CreationTime: 2014-07-17T23:05:06.000000000Z
406	1088.108c: LastWriteTime: 2014-07-17T23:05:06.000000000Z
407	1088.108c: ChangeTime: 2014-09-09T23:22:15.541298400Z
408	1088.108c: FileAttributes: 0x20
409	1088.108c: Size: 0x41ad0
410	1088.108c: NT Headers: 0xf0
411	1088.108c: Timestamp: 0x53bdfdba
412	1088.108c: Machine: 0x8664 - amd64
413	1088.108c: Timestamp: 0x53bdfdba
414	1088.108c: Image Version: 6.3
415	1088.108c: SizeOfImage: 0x42000 (270336)
416	1088.108c: Resource Dir: 0x40000 LB 0xd50
417	1088.108c: ProductName: Microsoft Malware Protection
418	1088.108c: ProductVersion: 4.6.0300.0
419	1088.108c: FileVersion: 4.6.0300.0
420	1088.108c: FileDescription: Microsoft antimalware file system filter driver
421	1088.108c: \SystemRoot\System32\drivers\NisDrvWFP.sys:
422	1088.108c: CreationTime: 2014-03-11T14:52:30.000000000Z
423	1088.108c: LastWriteTime: 2014-07-17T23:05:06.000000000Z
424	1088.108c: ChangeTime: 2014-09-09T23:22:14.801256100Z
425	1088.108c: FileAttributes: 0x20
426	1088.108c: Size: 0x1ea90
427	1088.108c: NT Headers: 0xe0
428	1088.108c: Timestamp: 0x53bdfde3
429	1088.108c: Machine: 0x8664 - amd64
430	1088.108c: Timestamp: 0x53bdfde3
431	1088.108c: Image Version: 6.3
432	1088.108c: SizeOfImage: 0x1f000 (126976)
433	1088.108c: Resource Dir: 0x1c000 LB 0x1b90
434	1088.108c: ProductName: Microsoft Malware Protection
435	1088.108c: ProductVersion: 4.6.0300.0
436	1088.108c: FileVersion: 4.6.0300.0
437	1088.108c: FileDescription: Microsoft Network Realtime Inspection Driver
438	1088.108c: Calling main()
439	1088.108c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
440	1088.108c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
441	1088.108c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
442	1088.108c: SUPR3HardenedMain: Respawn #2
443	1088.108c: supR3HardNtEnableThreadCreation:
444	1088.108c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
445	1088.108c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
446	1088.108c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
447	1088.108c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
448	1088.108c: supR3HardenedDllNotificationCallback: load 000007fefd2d0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
449	1088.108c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
450	1088.108c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2d0000 'C:\Windows\system32\apphelp.dll'
451	1088.108c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007773c340 pvNtTerminateThread=00000000777617e0
452	1088.108c: supR3HardenedWinDoReSpawn(2): New child 10b8.10bc [kernel32].
453	1088.108c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
454	1088.108c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077710000 uNtDllChildAddr=0000000077710000
455	1088.108c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007773c340
456	1088.108c: supR3HardenedWinSetupChildInit: Start child.
457	1088.108c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
458	1088.108c: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
459	1088.108c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
460	1088.108c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
461	1088.108c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
462	1088.108c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
463	1088.108c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
464	1088.108c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
465	1088.108c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
466	1088.108c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
467	1088.108c: 0000000000051000-fffffffffff61fff 0x0001/0x0000 0x0000000
468	1088.108c: *0000000000140000-0000000000043fff 0x0000/0x0004 0x0020000
469	1088.108c: 000000000023c000-0000000000238fff 0x0104/0x0004 0x0020000
470	1088.108c: 000000000023f000-000000000023dfff 0x0004/0x0004 0x0020000
471	1088.108c: 0000000000240000-ffffffff88d6ffff 0x0001/0x0000 0x0000000
472	1088.108c: *0000000077710000-000000007770efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
473	1088.108c: 0000000077711000-000000007760efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
474	1088.108c: 0000000077813000-00000000777e3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
475	1088.108c: 0000000077842000-0000000077839fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
476	1088.108c: 000000007784a000-0000000077848fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
477	1088.108c: 000000007784b000-0000000077847fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
478	1088.108c: 000000007784e000-00000000777e2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
479	1088.108c: 00000000778b9000-0000000070191fff 0x0001/0x0000 0x0000000
480	1088.108c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
481	1088.108c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
482	1088.108c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
483	1088.108c: 000000007fff0000-ffffffffc0a5ffff 0x0001/0x0000 0x0000000
484	1088.108c: *000000013f580000-000000013f57efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
485	1088.108c: 000000013f581000-000000013f4fcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
486	1088.108c: 000000013f605000-000000013f603fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
487	1088.108c: 000000013f606000-000000013f5c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
488	1088.108c: 000000013f643000-000000013f641fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
489	1088.108c: 000000013f644000-000000013f642fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
490	1088.108c: 000000013f645000-000000013f642fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
491	1088.108c: 000000013f647000-000000013f645fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
492	1088.108c: 000000013f648000-000000013f646fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
493	1088.108c: 000000013f649000-000000013f644fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
494	1088.108c: 000000013f64d000-000000013f613fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
495	1088.108c: 000000013f686000-fffff8037f2dbfff 0x0001/0x0000 0x0000000
496	1088.108c: *000007feffa30000-000007feffa2efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
497	1088.108c: 000007feffa31000-000007fdff4b1fff 0x0001/0x0000 0x0000000
498	1088.108c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
499	1088.108c: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
500	1088.108c: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
501	1088.108c: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
502	1088.108c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
503	1088.108c: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
504	1088.108c: VirtualBox.exe: timestamp 0x54cb639b (rc=VINF_SUCCESS)
505	1088.108c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
506	1088.108c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
507	1088.108c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
508	1088.108c: supR3HardNtChildPurify: Done after 540 ms and 0 fixes (loop #0).
509	1088.108c: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002c0000 LB 0x400000)
510	1088.108c: supR3HardNtEnableThreadCreation:
511	10b8.10bc: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
512	10b8.10bc: supR3HardenedVmProcessInit: uNtDllAddr=0000000077710000
513	10b8.10bc: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
514	10b8.10bc: New simple heap: #1 0000000000340000 LB 0x400000 (for 1740800 allocation)
515	10b8.10bc: System32: \Device\HarddiskVolume2\Windows\System32
516	10b8.10bc: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
517	10b8.10bc: KnownDllPath: C:\Windows\system32
518	10b8.10bc: supR3HardenedVmProcessInit: Opening vboxdrv...
519	10b8.10bc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
520	10b8.10bc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
521	10b8.10bc: Registered Dll notification callback with NTDLL.
522	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
523	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
524	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
525	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
526	10b8.10bc: supR3HardenedDllNotificationCallback: load 00000000774f0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
527	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
528	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd7d0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
529	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
530	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
531	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774f0000 'C:\Windows\system32\kernel32.dll'
532	10b8.10bc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007773c340 pvNtTerminateThread=00000000777617e0
533	1088.108c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 30 ms.
534	10b8.10bc: \SystemRoot\System32\ntdll.dll:
535	10b8.10bc: CreationTime: 2013-10-11T00:27:08.898984800Z
536	10b8.10bc: LastWriteTime: 2013-08-29T02:16:35.515578900Z
537	10b8.10bc: ChangeTime: 2014-12-15T16:32:10.938403200Z
538	10b8.10bc: FileAttributes: 0x20
539	10b8.10bc: Size: 0x1a6dc0
540	10b8.10bc: NT Headers: 0xe0
541	10b8.10bc: Timestamp: 0x521eaf24
542	10b8.10bc: Machine: 0x8664 - amd64
543	10b8.10bc: Timestamp: 0x521eaf24
544	10b8.10bc: Image Version: 6.1
545	10b8.10bc: SizeOfImage: 0x1a9000 (1740800)
546	10b8.10bc: Resource Dir: 0x151000 LB 0x560d8
547	10b8.10bc: ProductName: Microsoft® Windows® Operating System
548	10b8.10bc: ProductVersion: 6.1.7601.18247
549	10b8.10bc: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
550	10b8.10bc: FileDescription: NT Layer DLL
551	10b8.10bc: \SystemRoot\System32\kernel32.dll:
552	10b8.10bc: CreationTime: 2014-04-08T17:52:11.563330500Z
553	10b8.10bc: LastWriteTime: 2014-03-04T09:44:00.336000000Z
554	10b8.10bc: ChangeTime: 2014-12-15T16:32:06.941796100Z
555	10b8.10bc: FileAttributes: 0x20
556	10b8.10bc: Size: 0x11c000
557	10b8.10bc: NT Headers: 0xe8
558	10b8.10bc: Timestamp: 0x5315a059
559	10b8.10bc: Machine: 0x8664 - amd64
560	10b8.10bc: Timestamp: 0x5315a059
561	10b8.10bc: Image Version: 6.1
562	10b8.10bc: SizeOfImage: 0x11f000 (1175552)
563	10b8.10bc: Resource Dir: 0x116000 LB 0x528
564	10b8.10bc: ProductName: Microsoft® Windows® Operating System
565	10b8.10bc: ProductVersion: 6.1.7601.18409
566	10b8.10bc: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
567	10b8.10bc: FileDescription: Windows NT BASE API Client DLL
568	10b8.10bc: \SystemRoot\System32\KernelBase.dll:
569	10b8.10bc: CreationTime: 2014-05-14T14:19:49.655911900Z
570	10b8.10bc: LastWriteTime: 2014-03-04T09:44:00.336000000Z
571	10b8.10bc: ChangeTime: 2014-12-15T16:32:06.972996100Z
572	10b8.10bc: FileAttributes: 0x20
573	10b8.10bc: Size: 0x67c00
574	10b8.10bc: NT Headers: 0xe8
575	10b8.10bc: Timestamp: 0x5315a05a
576	10b8.10bc: Machine: 0x8664 - amd64
577	10b8.10bc: Timestamp: 0x5315a05a
578	10b8.10bc: Image Version: 6.1
579	10b8.10bc: SizeOfImage: 0x6c000 (442368)
580	10b8.10bc: Resource Dir: 0x6a000 LB 0x530
581	10b8.10bc: ProductName: Microsoft® Windows® Operating System
582	10b8.10bc: ProductVersion: 6.1.7601.18409
583	10b8.10bc: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
584	10b8.10bc: FileDescription: Windows NT BASE API Client DLL
585	10b8.10bc: \SystemRoot\System32\apisetschema.dll:
586	10b8.10bc: CreationTime: 2013-09-13T00:27:27.125703100Z
587	10b8.10bc: LastWriteTime: 2013-08-02T02:12:20.275000000Z
588	10b8.10bc: ChangeTime: 2014-12-15T16:32:16.182012500Z
589	10b8.10bc: FileAttributes: 0x20
590	10b8.10bc: Size: 0x1a00
591	10b8.10bc: NT Headers: 0xc0
592	10b8.10bc: Timestamp: 0x51fb15ca
593	10b8.10bc: Machine: 0x8664 - amd64
594	10b8.10bc: Timestamp: 0x51fb15ca
595	10b8.10bc: Image Version: 6.1
596	10b8.10bc: SizeOfImage: 0x50000 (327680)
597	10b8.10bc: Resource Dir: 0x30000 LB 0x3f8
598	10b8.10bc: ProductName: Microsoft® Windows® Operating System
599	10b8.10bc: ProductVersion: 6.1.7601.18229
600	10b8.10bc: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
601	10b8.10bc: FileDescription: ApiSet Schema DLL
602	10b8.10bc: Found driver NisDrv (0x400)
603	10b8.10bc: supR3HardenedWinFindAdversaries: 0x480
604	10b8.10bc: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
605	10b8.10bc: CreationTime: 2014-08-29T14:06:38.460628200Z
606	10b8.10bc: LastWriteTime: 2015-01-29T06:47:45.918771800Z
607	10b8.10bc: ChangeTime: 2015-01-29T06:47:45.918771800Z
608	10b8.10bc: FileAttributes: 0x20
609	10b8.10bc: Size: 0x1fad8
610	10b8.10bc: NT Headers: 0xd8
611	10b8.10bc: Timestamp: 0x541caaaf
612	10b8.10bc: Machine: 0x8664 - amd64
613	10b8.10bc: Timestamp: 0x541caaaf
614	10b8.10bc: Image Version: 6.1
615	10b8.10bc: SizeOfImage: 0x23000 (143360)
616	10b8.10bc: Resource Dir: 0x22000 LB 0x3f0
617	10b8.10bc: ProductName: Malwarebytes Anti-Malware
618	10b8.10bc: ProductVersion: 0.2.13.0
619	10b8.10bc: FileVersion: 0.2.13.0
620	10b8.10bc: FileDescription: Malwarebytes Anti-Malware
621	10b8.10bc: \SystemRoot\System32\drivers\mwac.sys:
622	10b8.10bc: CreationTime: 2014-08-29T14:06:17.837392200Z
623	10b8.10bc: LastWriteTime: 2014-11-21T12:14:22.000000000Z
624	10b8.10bc: ChangeTime: 2014-12-05T05:38:29.313527300Z
625	10b8.10bc: FileAttributes: 0x20
626	10b8.10bc: Size: 0xf8d8
627	10b8.10bc: NT Headers: 0xf8
628	10b8.10bc: Timestamp: 0x53a0f42a
629	10b8.10bc: Machine: 0x8664 - amd64
630	10b8.10bc: Timestamp: 0x53a0f42a
631	10b8.10bc: Image Version: 6.2
632	10b8.10bc: SizeOfImage: 0x12000 (73728)
633	10b8.10bc: Resource Dir: 0x10000 LB 0x3e0
634	10b8.10bc: ProductName: Malwarebytes Web Access Control
635	10b8.10bc: ProductVersion: 1.0.6.0
636	10b8.10bc: FileVersion: 1.0.6.0
637	10b8.10bc: FileDescription: Malwarebytes Web Access Control
638	10b8.10bc: \SystemRoot\System32\drivers\mbamchameleon.sys:
639	10b8.10bc: CreationTime: 2014-08-29T14:06:17.868592300Z
640	10b8.10bc: LastWriteTime: 2014-11-21T12:14:12.000000000Z
641	10b8.10bc: ChangeTime: 2014-12-05T05:38:29.516327600Z
642	10b8.10bc: FileAttributes: 0x20
643	10b8.10bc: Size: 0x16cd8
644	10b8.10bc: NT Headers: 0xe0
645	10b8.10bc: Timestamp: 0x53f2136a
646	10b8.10bc: Machine: 0x8664 - amd64
647	10b8.10bc: Timestamp: 0x53f2136a
648	10b8.10bc: Image Version: 6.1
649	10b8.10bc: SizeOfImage: 0x1a000 (106496)
650	10b8.10bc: Resource Dir: 0x18000 LB 0xbd0
651	10b8.10bc: ProductName: Malwarebytes Chameleon
652	10b8.10bc: ProductVersion: 1.1.4.0
653	10b8.10bc: FileVersion: 1.1.4.0
654	10b8.10bc: FileDescription: Malwarebytes Chameleon Protection Driver
655	10b8.10bc: \SystemRoot\System32\drivers\mbam.sys:
656	10b8.10bc: CreationTime: 2014-08-29T14:06:17.821792200Z
657	10b8.10bc: LastWriteTime: 2014-11-21T12:14:08.000000000Z
658	10b8.10bc: ChangeTime: 2014-12-05T05:38:29.297927200Z
659	10b8.10bc: FileAttributes: 0x20
660	10b8.10bc: Size: 0x64d8
661	10b8.10bc: NT Headers: 0xd8
662	10b8.10bc: Timestamp: 0x540754e1
663	10b8.10bc: Machine: 0x8664 - amd64
664	10b8.10bc: Timestamp: 0x540754e1
665	10b8.10bc: Image Version: 6.1
666	10b8.10bc: SizeOfImage: 0xa000 (40960)
667	10b8.10bc: Resource Dir: 0x8000 LB 0x3d0
668	10b8.10bc: ProductName: Malwarebytes Anti-Malware
669	10b8.10bc: ProductVersion: 0.1.15.0
670	10b8.10bc: FileVersion: 0.1.15.0
671	10b8.10bc: FileDescription: Malwarebytes Anti-Malware
672	10b8.10bc: \SystemRoot\System32\drivers\MpFilter.sys:
673	10b8.10bc: CreationTime: 2014-07-17T23:05:06.000000000Z
674	10b8.10bc: LastWriteTime: 2014-07-17T23:05:06.000000000Z
675	10b8.10bc: ChangeTime: 2014-09-09T23:22:15.541298400Z
676	10b8.10bc: FileAttributes: 0x20
677	10b8.10bc: Size: 0x41ad0
678	10b8.10bc: NT Headers: 0xf0
679	10b8.10bc: Timestamp: 0x53bdfdba
680	10b8.10bc: Machine: 0x8664 - amd64
681	10b8.10bc: Timestamp: 0x53bdfdba
682	10b8.10bc: Image Version: 6.3
683	10b8.10bc: SizeOfImage: 0x42000 (270336)
684	10b8.10bc: Resource Dir: 0x40000 LB 0xd50
685	10b8.10bc: ProductName: Microsoft Malware Protection
686	10b8.10bc: ProductVersion: 4.6.0300.0
687	10b8.10bc: FileVersion: 4.6.0300.0
688	10b8.10bc: FileDescription: Microsoft antimalware file system filter driver
689	10b8.10bc: \SystemRoot\System32\drivers\NisDrvWFP.sys:
690	10b8.10bc: CreationTime: 2014-03-11T14:52:30.000000000Z
691	10b8.10bc: LastWriteTime: 2014-07-17T23:05:06.000000000Z
692	10b8.10bc: ChangeTime: 2014-09-09T23:22:14.801256100Z
693	10b8.10bc: FileAttributes: 0x20
694	10b8.10bc: Size: 0x1ea90
695	10b8.10bc: NT Headers: 0xe0
696	10b8.10bc: Timestamp: 0x53bdfde3
697	10b8.10bc: Machine: 0x8664 - amd64
698	10b8.10bc: Timestamp: 0x53bdfde3
699	10b8.10bc: Image Version: 6.3
700	10b8.10bc: SizeOfImage: 0x1f000 (126976)
701	10b8.10bc: Resource Dir: 0x1c000 LB 0x1b90
702	10b8.10bc: ProductName: Microsoft Malware Protection
703	10b8.10bc: ProductVersion: 4.6.0300.0
704	10b8.10bc: FileVersion: 4.6.0300.0
705	10b8.10bc: FileDescription: Microsoft Network Realtime Inspection Driver
706	10b8.10bc: Calling main()
707	10b8.10bc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
708	10b8.10bc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
709	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
710	10b8.10bc: SUPR3HardenedMain: Final process, opening VBoxDrv...
711	10b8.10bc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000340000 LB 0x400000)
712	10b8.10bc: supR3HardNtEnableThreadCreation:
713	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
714	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
715	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4fd0:C:\Windows\system32 [calling]
716	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
717	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fef0450000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
718	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
719	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
720	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
721	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0450000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
722	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
723	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
724	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0450000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
725	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0450000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
726	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
727	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
728	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
729	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
730	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
731	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
732	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
733	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
734	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
735	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
736	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
737	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
738	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
739	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
740	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
741	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
742	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
743	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
744	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
745	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
746	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
747	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
748	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
749	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
750	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
751	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
752	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
753	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
754	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
755	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
756	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4fd0:C:\Windows\system32 [calling]
757	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
758	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd840000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
759	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
760	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefdc40000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
761	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
762	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd520000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
763	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
764	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd4e0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
765	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
766	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefee60000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
767	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
768	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd840000 'C:\Windows\system32\Wintrust.dll'
769	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
770	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
771	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
772	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
773	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefcca0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
774	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
775	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\CRYPTSP.dll'
776	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
777	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
778	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
779	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
780	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
781	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
782	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
783	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
784	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefc9b0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
785	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
786	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\Windows\system32\rsaenh.dll'
787	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
788	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
789	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
790	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
791	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
792	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
793	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
794	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
795	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
796	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
797	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
798	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
799	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff470000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
800	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
801	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
802	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
803	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
804	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
805	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefef90000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
806	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
807	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff470000 'C:\Windows\system32\ADVAPI32.dll'
808	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
809	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
810	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
811	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
812	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
813	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
814	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
815	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
816	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
817	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
818	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd330000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
819	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
820	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd330000 'C:\Windows\system32\CRYPTBASE.dll'
821	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
822	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
823	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774f0000 'C:\Windows\system32\kernel32.dll'
824	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
825	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
826	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd840000 'C:\Windows\system32\WINTRUST.DLL'
827	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
828	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
829	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd520000 'C:\Windows\system32\CRYPT32.dll'
830	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
831	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
832	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
833	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
834	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
835	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
836	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
837	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
838	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
839	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
840	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
841	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
842	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefeba0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
843	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
844	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeba0000 'C:\Windows\system32\imagehlp.dll'
845	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
846	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
847	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\CRYPTSP.dll'
848	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
849	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
850	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
851	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
852	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
853	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
854	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
855	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
856	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
857	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
858	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
859	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
860	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
861	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
862	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
863	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
864	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
865	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
866	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
867	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
868	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
869	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
870	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
871	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
872	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
873	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
874	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
875	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
876	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
877	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
878	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
879	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
880	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
881	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
882	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
883	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
884	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
885	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
886	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
887	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
888	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
889	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
890	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
891	10b8.10bc: supR3HardenedDllNotificationCallback: load 0000000077610000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
892	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
893	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefdb30000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
894	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
895	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff5d0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
896	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
897	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefdce0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
898	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
899	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
900	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
901	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\gdi32.dll'
902	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
903	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
904	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
905	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
906	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
907	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
908	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
909	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
910	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
911	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
912	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
913	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
914	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
915	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
916	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
917	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
918	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
919	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
920	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
921	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
922	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
923	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
924	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
925	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
926	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
927	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
928	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
929	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
930	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
931	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
932	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
933	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
934	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
935	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefda80000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
936	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
937	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff090000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
938	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
939	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'C:\Windows\system32\IMM32.DLL'
940	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077610000 'C:\Windows\system32\USER32.dll'
941	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
942	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
943	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
944	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
945	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
946	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
947	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
948	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
949	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
950	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
951	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
952	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
953	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
954	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
955	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
956	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
957	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
958	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefce50000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
959	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
960	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
961	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefce20000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
962	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
963	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce50000 'C:\Windows\system32\ncrypt.dll'
964	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
965	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
966	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
967	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
968	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
969	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
970	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
971	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
972	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
973	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
974	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
975	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
976	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefc8f0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
977	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
978	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8f0000 'C:\Windows\system32\bcryptprimitives.dll'
979	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
980	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
981	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce20000 'C:\Windows\system32\bcrypt.dll'
982	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
983	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
984	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
985	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
986	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
987	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
988	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
989	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
990	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
991	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
992	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
993	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
994	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
995	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
996	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
997	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
998	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
999	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1000	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1001	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1002	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1003	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd7b0000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
1004	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1005	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd4d0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
1006	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1007	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7b0000 'C:\Windows\system32\USERENV.dll'
1008	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1009	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1010	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1011	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1012	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1013	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1014	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
1015	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
1016	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1017	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1018	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1019	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1020	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1021	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1022	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1023	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1024	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefc7c0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
1025	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1026	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc7c0000 'C:\Windows\system32\GPAPI.dll'
1027	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1028	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1029	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1030	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1031	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee60000 'C:\Windows\system32\rpcrt4.dll'
1032	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1033	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-WIN-Service-Management-L2-1-0.dll'
1034	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1035	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1036	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1037	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
1038	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
1039	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
1040	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
1041	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1042	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
1043	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
1044	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1045	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
1046	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1047	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1048	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1049	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1050	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1051	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1052	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1053	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1054	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1055	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1056	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1057	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1058	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1059	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1060	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1061	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fef9a20000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
1062	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1063	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefeb40000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
1064	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
1065	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1066	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1067	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1068	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1069	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1070	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1071	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1072	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1073	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1074	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1075	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1076	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1077	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1078	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1079	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1080	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1081	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1082	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1083	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1084	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1085	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1086	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1087	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1088	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1089	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1090	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1091	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1092	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1093	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1094	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1095	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9a20000 'C:\Windows\system32\cryptnet.dll'
1096	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1097	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1098	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1099	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1100	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4d0000 'C:\Windows\system32\profapi.dll'
1101	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1102	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1103	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1104	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
1105	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1106	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1107	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1108	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1109	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1110	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1111	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1112	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1113	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1114	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1115	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1116	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1117	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff550000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
1118	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1119	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff550000 'C:\Windows\system32\SHLWAPI.dll'
1120	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1121	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008572b0
1122	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1123	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
1124	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1125	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1126	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1127	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1128	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1129	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1130	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1131	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1132	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff470000 'C:\Windows\system32\ADVAPI32.dll'
1133	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1134	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1135	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1136	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef90000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1137	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
1138	10b8.10bc: g_pfnWinVerifyTrust=000007fefd841010
1139	10b8.10bc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1140	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
1141	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1142	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1143	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E4581771CBFFF32DF331EF17B5C5FD7E1F614302
1144	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_136_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1145	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1146	10b8.10bc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1147	10b8.10bc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1148	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
1149	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1150	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1151	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=108407301192217C74BC9FE609CA642A66DBE98B
1152	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1153	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1154	10b8.10bc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1155	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a4 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1156	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1157	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1158	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1159	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1160	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1161	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1162	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000398 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1163	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1164	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1165	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1166	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1167	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1168	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1169	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1170	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1171	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1172	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
1173	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1174	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1175	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1176	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000260 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
1177	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1178	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1179	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
1180	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1181	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1182	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1183	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
1184	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1185	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1186	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1187	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1188	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1189	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1190	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
1191	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1192	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1193	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1194	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1195	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1196	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1197	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1198	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1199	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1200	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1201	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1202	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1203	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1204	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1205	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1206	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1207	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1208	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
1209	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB2992611~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1210	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1211	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1212	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
1213	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1214	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1215	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
1216	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1217	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1218	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1219	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
1220	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1221	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1222	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1223	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1224	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1225	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1226	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
1227	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1228	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1229	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
1230	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1231	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1232	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1233	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
1234	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1235	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1236	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
1237	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1238	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1239	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1240	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
1241	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1242	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1243	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
1244	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2993651~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1245	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1246	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1247	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
1248	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1249	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1250	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
1251	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
1252	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1253	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
1254	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1255	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1256	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1257	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
1258	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1259	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1260	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1261	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1262	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1263	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1264	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
1265	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1266	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1267	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1268	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
1269	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1270	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1271	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1272	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1273	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1274	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1275	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
1276	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1277	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1278	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
1279	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1280	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1281	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1282	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1283	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1284	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1285	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1286	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FE601E1BC89E11CA16D1CA31315BC348EFAF0C74
1287	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1288	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1289	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1290	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1291	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1292	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1293	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
1294	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1295	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1296	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1297	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
1298	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1299	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1300	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1301	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1302	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1303	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1304	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1305	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1306	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1307	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
1308	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1309	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1310	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1311	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1312	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1313	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1314	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1315	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
1316	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1317	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1318	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1319	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1320	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1321	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1322	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
1323	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1324	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1325	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1326	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1327	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000114ec10:C:\Windows\system32 [calling]
1328	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd520000 'C:\Windows\system32\crypt32.dll'
1329	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc0f405ab4fb0ba00 CN=localhost, O=Skype Click to Call, OU=Skype Click to Call
1330	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1331	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1332	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1333	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1334	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1335	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xbf1f81e5a97406aa CN=USB\VID_0781&PID_5150 (libwdi autogenerated)
1336	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1337	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x5675ad49101bb3f2 CN=USB\VID_0764&PID_0501 (libwdi autogenerated)
1338	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1339	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1340	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
1341	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1342	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, [email protected]
1343	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1344	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1345	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
1346	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1347	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1348	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1349	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1350	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1351	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1352	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1353	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1354	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1355	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
1356	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1357	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1358	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1359	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x5a341635fb75d800 C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA
1360	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1361	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1362	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1363	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1364	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1365	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
1366	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, [email protected]
1367	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1368	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1369	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1370	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1371	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1372	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1373	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1374	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1375	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
1376	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1377	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, [email protected]
1378	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1379	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
1380	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, [email protected]
1381	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
1382	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1383	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1384	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
1385	10b8.10bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1386	10b8.10bc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=57
1387	10b8.10bc: SUPR3HardenedMain: Load Runtime...
1388	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1389	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1390	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1391	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1392	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
1393	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1394	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1395	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1396	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1397	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1398	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1399	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000448 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1400	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1401	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1402	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1403	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1404	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1405	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1406	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1407	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1408	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
1409	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1410	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1411	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1412	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1413	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
1414	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1415	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1416	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1417	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
1418	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1419	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1420	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1421	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1422	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1423	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1424	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000460 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
1425	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1426	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1427	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1428	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
1429	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1430	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
1431	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1432	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1433	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1434	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1435	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1436	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1437	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1438	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1439	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1440	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feeff10000 LB 0x00531000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1441	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1442	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1443	10b8.10bc: supR3HardenedDllNotificationCallback: load 0000000070360000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1444	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1445	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1446	10b8.10bc: supR3HardenedDllNotificationCallback: load 00000000702c0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1447	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1448	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefebc0000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1449	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1450	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefda70000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1451	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
1452	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1453	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1454	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1455	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1456	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1457	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1458	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1459	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1460	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1461	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1462	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1463	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1464	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1465	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1466	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1467	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1468	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1469	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1470	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1471	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1472	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1473	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1474	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1475	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1476	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1477	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1478	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1479	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1480	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1481	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1482	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1483	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1484	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1485	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1486	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1487	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1488	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1489	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1490	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1491	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1492	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1493	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1494	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1495	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1496	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d5c90:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\utils\;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\nodejs\;C:\Users\rjs7\AppData\Roaming\npm [calling]
1497	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1498	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1499	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1500	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeff10000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1501	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1502	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033b6f30:C:\Windows\system32 [calling]
1503	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd840000 'C:\Windows\system32\Wintrust.dll'
1504	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1505	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033b6f30:C:\Windows\system32 [calling]
1506	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd520000 'C:\Windows\system32\crypt32.dll'
1507	10b8.10bc: SUPR3HardenedMain: Load TrustedMain...
1508	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1509	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1510	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1511	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1512	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1513	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
1514	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
1515	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
1516	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
1517	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
1518	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1519	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1520	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1521	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1522	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
1523	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
1524	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
1525	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1526	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1527	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1528	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a0 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1529	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1530	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1531	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1532	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1533	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1534	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1535	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1536	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)WinVerifyTrust
1537	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1538	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1539	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1540	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1541	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1542	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1543	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
1544	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
1545	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1546	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1547	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1548	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1549	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1550	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1551	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1552	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)WinVerifyTrust
1553	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1554	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1555	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1556	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1557	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1558	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1559	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=59C9A3379D97CB80EFB9D9152AF4E0240DDF8B29
1560	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3006226~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1561	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1562	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1563	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1564	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1565	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1566	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1567	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)WinVerifyTrust
1568	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1569	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1570	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1571	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ac pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1572	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1573	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1574	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
1575	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1576	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1577	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1578	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1579	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1580	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1581	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)WinVerifyTrust
1582	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1583	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1584	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1585	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1586	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1587	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1588	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8D11B9B481EE916E64C94F8ECA71C2995A2999B7
1589	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2980245~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1590	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1591	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1592	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1593	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1594	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1595	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)WinVerifyTrust
1596	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1597	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1598	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1599	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1600	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1601	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1602	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1603	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1604	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1605	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1606	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1607	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1608	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1609	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1610	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1611	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1612	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1613	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
1614	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1615	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
1616	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
1617	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
1618	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
1619	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
1620	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
1621	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1622	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1623	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1624	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1625	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1626	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1627	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1628	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1629	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1630	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1631	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1632	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1633	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1634	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1635	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1636	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1637	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
1638	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1639	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1640	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1641	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1642	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1643	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1644	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1645	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1646	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1647	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
1648	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1649	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1650	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1651	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1652	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1653	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1654	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1655	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1656	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1657	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1658	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1659	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e8 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1660	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1661	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1662	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1663	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1664	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1665	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1666	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1667	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1668	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1669	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1670	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1671	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)WinVerifyTrust
1672	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1673	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1674	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1675	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1676	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1677	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
1678	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1679	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1680	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1681	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
1682	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1683	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1684	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1685	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1686	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1687	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1688	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1689	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)WinVerifyTrust
1690	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1691	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1692	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1693	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d8 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
1694	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1695	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1696	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1697	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
1698	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1699	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1700	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1701	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1702	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)WinVerifyTrust
1703	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1704	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1705	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1706	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1707	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1708	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1709	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1710	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1711	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1712	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1713	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1714	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1715	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1716	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1717	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1718	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1719	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1720	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1721	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1722	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1723	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1724	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1725	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1726	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1727	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1728	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1729	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1730	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1731	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1732	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1733	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1734	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1735	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1736	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1737	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1738	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1739	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1740	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1741	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1742	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1743	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1744	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1745	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1746	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1747	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1748	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
1749	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1750	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1751	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
1752	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
1753	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1754	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1755	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1756	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1757	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)WinVerifyTrust
1758	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
1759	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1760	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1761	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1762	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1763	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1764	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1765	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1766	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1767	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1768	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1769	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1770	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1771	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1772	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1773	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1774	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1775	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1776	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1777	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1778	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1779	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1780	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1781	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1782	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1783	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1784	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1785	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1786	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1787	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1788	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1789	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1790	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1791	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1792	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1793	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1794	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1795	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1796	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1797	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1798	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1799	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1800	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1801	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1802	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1803	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1804	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1805	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1806	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1807	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1808	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1809	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1810	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1811	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1812	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1813	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1814	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1815	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1816	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1817	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1818	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1819	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1820	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1821	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1822	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1823	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1824	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1825	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1826	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1827	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1828	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1829	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1830	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1831	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1832	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
1833	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1834	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1835	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
1836	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
1837	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1838	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1839	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1840	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1841	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)WinVerifyTrust
1842	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
1843	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1844	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1845	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1846	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1847	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1848	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1849	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1850	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1851	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1852	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1853	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1854	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1855	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1856	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1857	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1858	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1859	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1860	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1861	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1862	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1863	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1864	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1865	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1866	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1867	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1868	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1869	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1870	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1871	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1872	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1873	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1874	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1875	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1876	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1877	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1878	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004bc pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1879	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1880	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1881	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
1882	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1883	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1884	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1885	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1886	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1887	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)WinVerifyTrust
1888	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1889	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1890	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1891	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000500 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1892	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1893	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1894	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1895	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1896	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1897	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
1898	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
1899	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1900	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1901	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1902	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1903	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
1904	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)WinVerifyTrust
1905	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1906	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1907	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1908	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1909	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1910	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f0 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
1911	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1912	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1913	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F097BF0B081F54722F0A01EF1CC13AECA64B12F0
1914	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1915	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1916	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1917	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1918	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1919	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)WinVerifyTrust
1920	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1921	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1922	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1923	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1924	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1925	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1926	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1927	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1928	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1929	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1930	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1931	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1932	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1933	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000050c pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1934	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1935	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1936	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1937	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1938	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1939	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1940	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
1941	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)WinVerifyTrust
1942	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
1943	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1944	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1945	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1946	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1947	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1948	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1949	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1950	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1951	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1952	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1953	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1954	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1955	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1956	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000514 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1957	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
1958	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
1959	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1960	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1961	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1962	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1963	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
1964	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1965	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)WinVerifyTrust
1966	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1967	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1968	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1969	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1970	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1971	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1972	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1973	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1974	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1975	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1976	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1977	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1978	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1979	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1980	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1981	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1982	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1983	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1984	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
1985	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1986	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feef690000 LB 0x00871000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1987	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1988	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1989	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feef570000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1990	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1991	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1992	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feef540000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1993	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1994	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1995	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feef440000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1996	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1997	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1998	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feef430000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1999	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
2000	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd890000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
2001	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2002	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd750000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
2003	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
2004	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefefb0000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
2005	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2006	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff5e0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
2007	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2008	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd790000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
2009	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
2010	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2011	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefb7b0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
2012	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2013	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2014	10b8.10bc: supR3HardenedDllNotificationCallback: load 000000006e6d0000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
2015	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2016	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
2017	10b8.10bc: supR3HardenedDllNotificationCallback: load 000000006dd60000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
2018	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
2019	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007feff980000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
2020	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
2021	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2022	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2023	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2024	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll)
2025	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
2026	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fef84d0000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\COMCTL32.dll [fFlags=0x0]
2027	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll [avoiding WinVerifyTrust]
2028	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefddb0000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
2029	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2030	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2031	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefac30000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
2032	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2033	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
2034	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fef8350000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
2035	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
2036	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
2037	10b8.10bc: supR3HardenedDllNotificationCallback: load 0000000070060000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
2038	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
2039	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2040	10b8.10bc: supR3HardenedDllNotificationCallback: load 000000006ff80000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
2041	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2042	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
2043	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
2044	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
2045	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
2046	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
2047	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2048	10b8.10bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
2049	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2050	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2051	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2052	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2053	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2054	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2055	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2056	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2057	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'C:\Windows\system32\imm32.dll'
2058	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef690000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
2059	10b8.10bc: SUPR3HardenedMain: Calling TrustedMain (000007feef691ca0)...
2060	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2061	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2062	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac30000 'C:\Windows\system32\winmm.dll'
2063	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
2064	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2065	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd330000 'C:\Windows\system32\CRYPTBASE.dll'
2066	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2067	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2068	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2069	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2070	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2071	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774f0000 'C:\Windows\system32\kernel32.dll'
2072	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005b8 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2073	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
2074	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
2075	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
2076	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
2077	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2078	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2079	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2080	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2081	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)WinVerifyTrust
2082	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2083	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2084	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2085	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2086	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2087	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2088	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2089	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2090	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2091	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefbc10000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2092	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2093	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc10000 'C:\Windows\system32\uxtheme.dll'
2094	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2095	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2096	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc10000 'C:\Windows\system32\uxtheme.dll'
2097	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2098	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2099	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2100	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077610000 'C:\Windows\system32\user32.dll'
2101	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2102	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2103	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc10000 'C:\Windows\system32\uxtheme.dll'
2104	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077610000 'C:\Windows\system32\user32.dll'
2105	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff470000 'C:\Windows\system32\advapi32.dll'
2106	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2107	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2108	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7b0000 'C:\Windows\system32\userenv.dll'
2109	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2110	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2111	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000774f0000 'C:\Windows\system32\kernel32.dll'
2112	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005f0 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2113	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
2114	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
2115	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
2116	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
2117	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2118	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2119	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2120	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2121	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2122	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2123	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2124	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)WinVerifyTrust
2125	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2126	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2127	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2128	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2129	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2130	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2131	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2132	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2133	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2134	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2135	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2136	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2137	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2138	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2139	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2140	10b8.10bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
2141	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087a420:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2142	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2143	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefdba0000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
2144	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2145	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\CLBCatQ.DLL'
2146	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2147	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087ab70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2148	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff470000 'C:\Windows\system32\ADVAPI32.dll'
2149	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
2150	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087ab70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2151	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\CRYPTSP.dll'
2152	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000610 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2153	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008572b0
2154	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008572b0
2155	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
2156	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
2157	10b8.10bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2158	10b8.10bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2159	10b8.10bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
2160	10b8.10bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2161	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2162	10b8.10bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2163	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087ab70:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2164	10b8.10bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2165	10b8.10bc: supR3HardenedDllNotificationCallback: load 000007fefd3e0000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
2166	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2167	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3e0000 'C:\Windows\system32\RpcRtRemote.dll'
2168	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb30000 'C:\Windows\system32\gdi32.dll'
2169	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2170	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2171	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2172	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2173	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2174	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2175	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2176	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2177	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2178	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2179	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2180	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2181	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2182	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddb0000 'C:\Windows\system32\shell32.dll'
2183	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2184	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2185	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2186	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077610000 'C:\Windows\system32\user32.dll'
2187	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2188	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087af60:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2189	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5e0000 'C:\Windows\system32\ole32.dll'
2190	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2191	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000087b1a0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2192	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5e0000 'C:\Windows\system32\ole32.dll'
2193	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
2194	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000032e4960:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2195	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff090000 'C:\Windows\system32\MSCTF.dll'
2196	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll' [redir]
2197	10b8.10bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
2198	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000087b1a0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
2199	10b8.10bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef84d0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
2200	10b8.10bc: Terminating the normal way: rcExit=1
2201	1088.108c: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 277399 ms, the end);
2202	1080.1084: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 277994 ms, the end);

Download in other formats:

Original Format