VirtualBox

Ticket #14181: VBoxStartup.log

File VBoxStartup.log, 326.4 KB (added by Paul17041993, 9 years ago)

VBoxStartup log

Line 
1173c.1074: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
2173c.1074: \SystemRoot\System32\ntdll.dll:
3173c.1074: CreationTime: 2015-05-30T02:05:27.727657100Z
4173c.1074: LastWriteTime: 2015-03-23T21:59:25.551884100Z
5173c.1074: ChangeTime: 2015-05-30T03:50:36.676572500Z
6173c.1074: FileAttributes: 0x20
7173c.1074: Size: 0x1a7540
8173c.1074: NT Headers: 0xd8
9173c.1074: Timestamp: 0x550f4336
10173c.1074: Machine: 0x8664 - amd64
11173c.1074: Timestamp: 0x550f4336
12173c.1074: Image Version: 6.3
13173c.1074: SizeOfImage: 0x1ac000 (1753088)
14173c.1074: Resource Dir: 0x148000 LB 0x62450
15173c.1074: ProductName: Microsoft® Windows® Operating System
16173c.1074: ProductVersion: 6.3.9600.17736
17173c.1074: FileVersion: 6.3.9600.17736 (winblue_r9.150322-1500)
18173c.1074: FileDescription: NT Layer DLL
19173c.1074: \SystemRoot\System32\kernel32.dll:
20173c.1074: CreationTime: 2015-05-30T02:09:51.777237800Z
21173c.1074: LastWriteTime: 2014-10-29T04:09:24.572407200Z
22173c.1074: ChangeTime: 2015-05-30T03:51:35.997498300Z
23173c.1074: FileAttributes: 0x20
24173c.1074: Size: 0x13fc30
25173c.1074: NT Headers: 0xf8
26173c.1074: Timestamp: 0x545054ca
27173c.1074: Machine: 0x8664 - amd64
28173c.1074: Timestamp: 0x545054ca
29173c.1074: Image Version: 6.3
30173c.1074: SizeOfImage: 0x13e000 (1302528)
31173c.1074: Resource Dir: 0x12e000 LB 0x518
32173c.1074: ProductName: Microsoft® Windows® Operating System
33173c.1074: ProductVersion: 6.3.9600.17415
34173c.1074: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
35173c.1074: FileDescription: Windows NT BASE API Client DLL
36173c.1074: \SystemRoot\System32\KernelBase.dll:
37173c.1074: CreationTime: 2015-05-30T02:11:04.152265300Z
38173c.1074: LastWriteTime: 2014-10-29T03:55:08.402989600Z
39173c.1074: ChangeTime: 2015-05-30T03:51:36.389460100Z
40173c.1074: FileAttributes: 0x20
41173c.1074: Size: 0x114a90
42173c.1074: NT Headers: 0xf0
43173c.1074: Timestamp: 0x54505737
44173c.1074: Machine: 0x8664 - amd64
45173c.1074: Timestamp: 0x54505737
46173c.1074: Image Version: 6.3
47173c.1074: SizeOfImage: 0x115000 (1134592)
48173c.1074: Resource Dir: 0x110000 LB 0x3528
49173c.1074: ProductName: Microsoft® Windows® Operating System
50173c.1074: ProductVersion: 6.3.9600.17415
51173c.1074: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
52173c.1074: FileDescription: Windows NT BASE API Client DLL
53173c.1074: \SystemRoot\System32\apisetschema.dll:
54173c.1074: CreationTime: 2013-08-22T12:13:09.745625900Z
55173c.1074: LastWriteTime: 2013-08-22T12:35:12.091034400Z
56173c.1074: ChangeTime: 2015-05-30T11:11:52.214082700Z
57173c.1074: FileAttributes: 0x20
58173c.1074: Size: 0x11360
59173c.1074: NT Headers: 0xd0
60173c.1074: Timestamp: 0x52160049
61173c.1074: Machine: 0x8664 - amd64
62173c.1074: Timestamp: 0x52160049
63173c.1074: Image Version: 6.3
64173c.1074: SizeOfImage: 0x13000 (77824)
65173c.1074: Resource Dir: 0x11000 LB 0x3f8
66173c.1074: ProductName: Microsoft® Windows® Operating System
67173c.1074: ProductVersion: 6.3.9600.16384
68173c.1074: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
69173c.1074: FileDescription: ApiSet Schema DLL
70173c.1074: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71173c.1074: supR3HardenedWinFindAdversaries: 0x0
72173c.1074: Calling main()
73173c.1074: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
74173c.1074: SUPR3HardenedMain: Respawn #1
75173c.1074: System32: \Device\HarddiskVolume4\Windows\System32
76173c.1074: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
77173c.1074: KnownDllPath: C:\Windows\system32
78173c.1074: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
79173c.1074: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
80173c.1074: supR3HardNtEnableThreadCreation:
81173c.1074: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff822e48eb0 pvNtTerminateThread=00007ff822ec16f0
82173c.1074: supR3HardenedWinDoReSpawn(1): New child 55c.1cdc [kernel32].
83173c.1074: supR3HardNtChildGatherData: PebBaseAddress=00007ff74bcce000 cbPeb=0x388
84173c.1074: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff822e30000 uNtDllChildAddr=00007ff822e30000
85173c.1074: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff822e48eb0
86173c.1074: supR3HardenedWinSetupChildInit: Start child.
87173c.1074: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
88173c.1074: supR3HardNtChildPurify: Startup delay kludge #1/0: 261 ms, 31 sleeps
89173c.1074: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
90173c.1074: *0000000000000000-ffffffffff7dffff 0x0001/0x0000 0x0000000
91173c.1074: *0000000000820000-00000000007fffff 0x0004/0x0004 0x0020000
92173c.1074: *0000000000840000-0000000000830fff 0x0002/0x0002 0x0040000
93173c.1074: 000000000084f000-000000000084dfff 0x0001/0x0000 0x0000000
94173c.1074: *0000000000850000-0000000000753fff 0x0000/0x0004 0x0020000
95173c.1074: 000000000094c000-0000000000948fff 0x0104/0x0004 0x0020000
96173c.1074: 000000000094f000-000000000094dfff 0x0004/0x0004 0x0020000
97173c.1074: *0000000000950000-000000000094bfff 0x0002/0x0002 0x0040000
98173c.1074: 0000000000954000-0000000000947fff 0x0001/0x0000 0x0000000
99173c.1074: *0000000000960000-000000000095dfff 0x0004/0x0004 0x0020000
100173c.1074: 0000000000962000-ffffffff812e3fff 0x0001/0x0000 0x0000000
101173c.1074: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
102173c.1074: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
103173c.1074: 000000007fff0000-ffff8009b433ffff 0x0001/0x0000 0x0000000
104173c.1074: *00007ff74bca0000-00007ff74bc7cfff 0x0002/0x0002 0x0040000
105173c.1074: 00007ff74bcc3000-00007ff74bcb9fff 0x0001/0x0000 0x0000000
106173c.1074: *00007ff74bccc000-00007ff74bcc9fff 0x0004/0x0004 0x0020000
107173c.1074: *00007ff74bcce000-00007ff74bcccfff 0x0004/0x0004 0x0020000
108173c.1074: 00007ff74bccf000-00007ff74b66dfff 0x0001/0x0000 0x0000000
109173c.1074: *00007ff74c330000-00007ff74c330fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
110173c.1074: 00007ff74c331000-00007ff74c3b5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
111173c.1074: 00007ff74c3b6000-00007ff74c3b6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
112173c.1074: 00007ff74c3b7000-00007ff74c3f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
113173c.1074: 00007ff74c3f5000-00007ff74c3f5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
114173c.1074: 00007ff74c3f6000-00007ff74c3f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
115173c.1074: 00007ff74c3f7000-00007ff74c3f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
116173c.1074: 00007ff74c3f9000-00007ff74c3f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
117173c.1074: 00007ff74c3fa000-00007ff74c3fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
118173c.1074: 00007ff74c3fb000-00007ff74c3fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
119173c.1074: 00007ff74c3ff000-00007ff74c437fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
120173c.1074: 00007ff74c438000-00007ff675a3ffff 0x0001/0x0000 0x0000000
121173c.1074: *00007ff822e30000-00007ff822e30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
122173c.1074: 00007ff822e31000-00007ff822f5cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
123173c.1074: 00007ff822f5d000-00007ff822f62fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
124173c.1074: 00007ff822f63000-00007ff822f6ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
125173c.1074: 00007ff822f70000-00007ff822f70fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
126173c.1074: 00007ff822f71000-00007ff822f73fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
127173c.1074: 00007ff822f74000-00007ff822f74fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
128173c.1074: 00007ff822f75000-00007ff822fdbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
129173c.1074: 00007ff822fdc000-00007ff045fd7fff 0x0001/0x0000 0x0000000
130173c.1074: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
131173c.1074: VirtualBox.exe: timestamp 0x555369a5 (rc=VINF_SUCCESS)
132173c.1074: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
133173c.1074: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
134173c.1074: supR3HardNtChildPurify: Done after 299 ms and 0 fixes (loop #0).
13555c.1cdc: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
13655c.1cdc: supR3HardenedVmProcessInit: uNtDllAddr=00007ff822e30000
13755c.1cdc: ntdll.dll: timestamp 0x550f4336 (rc=VINF_SUCCESS)
13855c.1cdc: New simple heap: #1 0000000000a70000 LB 0x400000 (for 1753088 allocation)
139173c.1074: supR3HardNtEnableThreadCreation:
14055c.1cdc: System32: \Device\HarddiskVolume4\Windows\System32
14155c.1cdc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
14255c.1cdc: KnownDllPath: C:\Windows\system32
14355c.1cdc: supR3HardenedVmProcessInit: Opening vboxdrv stub...
14455c.1cdc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
14555c.1cdc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
14655c.1cdc: Registered Dll notification callback with NTDLL.
14755c.1cdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
14855c.1cdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
14955c.1cdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
15055c.1cdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
15155c.1cdc: supR3HardenedDllNotificationCallback: load 00007ff8200a0000 LB 0x00115000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
15255c.1cdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
15355c.1cdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15455c.1cdc: supR3HardenedDllNotificationCallback: load 00007ff820830000 LB 0x0013e000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
15555c.1cdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
15655c.1cdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32\KERNEL32.DLL'
15755c.1cdc: supR3HardenedDllNotificationCallback: load 00007ff74c330000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
15855c.1cdc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15955c.1cdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
16055c.1cdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
16155c.1cdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff822e48eb0 pvNtTerminateThread=00007ff822ec16f0
162173c.1074: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 87 ms.
16355c.1cdc: \SystemRoot\System32\ntdll.dll:
16455c.1cdc: CreationTime: 2015-05-30T02:05:27.727657100Z
16555c.1cdc: LastWriteTime: 2015-03-23T21:59:25.551884100Z
16655c.1cdc: ChangeTime: 2015-05-30T03:50:36.676572500Z
16755c.1cdc: FileAttributes: 0x20
16855c.1cdc: Size: 0x1a7540
16955c.1cdc: NT Headers: 0xd8
17055c.1cdc: Timestamp: 0x550f4336
17155c.1cdc: Machine: 0x8664 - amd64
17255c.1cdc: Timestamp: 0x550f4336
17355c.1cdc: Image Version: 6.3
17455c.1cdc: SizeOfImage: 0x1ac000 (1753088)
17555c.1cdc: Resource Dir: 0x148000 LB 0x62450
17655c.1cdc: ProductName: Microsoft® Windows® Operating System
17755c.1cdc: ProductVersion: 6.3.9600.17736
17855c.1cdc: FileVersion: 6.3.9600.17736 (winblue_r9.150322-1500)
17955c.1cdc: FileDescription: NT Layer DLL
18055c.1cdc: \SystemRoot\System32\kernel32.dll:
18155c.1cdc: CreationTime: 2015-05-30T02:09:51.777237800Z
18255c.1cdc: LastWriteTime: 2014-10-29T04:09:24.572407200Z
18355c.1cdc: ChangeTime: 2015-05-30T03:51:35.997498300Z
18455c.1cdc: FileAttributes: 0x20
18555c.1cdc: Size: 0x13fc30
18655c.1cdc: NT Headers: 0xf8
18755c.1cdc: Timestamp: 0x545054ca
18855c.1cdc: Machine: 0x8664 - amd64
18955c.1cdc: Timestamp: 0x545054ca
19055c.1cdc: Image Version: 6.3
19155c.1cdc: SizeOfImage: 0x13e000 (1302528)
19255c.1cdc: Resource Dir: 0x12e000 LB 0x518
19355c.1cdc: ProductName: Microsoft® Windows® Operating System
19455c.1cdc: ProductVersion: 6.3.9600.17415
19555c.1cdc: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
19655c.1cdc: FileDescription: Windows NT BASE API Client DLL
19755c.1cdc: \SystemRoot\System32\KernelBase.dll:
19855c.1cdc: CreationTime: 2015-05-30T02:11:04.152265300Z
19955c.1cdc: LastWriteTime: 2014-10-29T03:55:08.402989600Z
20055c.1cdc: ChangeTime: 2015-05-30T03:51:36.389460100Z
20155c.1cdc: FileAttributes: 0x20
20255c.1cdc: Size: 0x114a90
20355c.1cdc: NT Headers: 0xf0
20455c.1cdc: Timestamp: 0x54505737
20555c.1cdc: Machine: 0x8664 - amd64
20655c.1cdc: Timestamp: 0x54505737
20755c.1cdc: Image Version: 6.3
20855c.1cdc: SizeOfImage: 0x115000 (1134592)
20955c.1cdc: Resource Dir: 0x110000 LB 0x3528
21055c.1cdc: ProductName: Microsoft® Windows® Operating System
21155c.1cdc: ProductVersion: 6.3.9600.17415
21255c.1cdc: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
21355c.1cdc: FileDescription: Windows NT BASE API Client DLL
21455c.1cdc: \SystemRoot\System32\apisetschema.dll:
21555c.1cdc: CreationTime: 2013-08-22T12:13:09.745625900Z
21655c.1cdc: LastWriteTime: 2013-08-22T12:35:12.091034400Z
21755c.1cdc: ChangeTime: 2015-05-30T11:11:52.214082700Z
21855c.1cdc: FileAttributes: 0x20
21955c.1cdc: Size: 0x11360
22055c.1cdc: NT Headers: 0xd0
22155c.1cdc: Timestamp: 0x52160049
22255c.1cdc: Machine: 0x8664 - amd64
22355c.1cdc: Timestamp: 0x52160049
22455c.1cdc: Image Version: 6.3
22555c.1cdc: SizeOfImage: 0x13000 (77824)
22655c.1cdc: Resource Dir: 0x11000 LB 0x3f8
22755c.1cdc: ProductName: Microsoft® Windows® Operating System
22855c.1cdc: ProductVersion: 6.3.9600.16384
22955c.1cdc: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
23055c.1cdc: FileDescription: ApiSet Schema DLL
23155c.1cdc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
23255c.1cdc: supR3HardenedWinFindAdversaries: 0x0
23355c.1cdc: Calling main()
23455c.1cdc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
23555c.1cdc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
23655c.1cdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
23755c.1cdc: SUPR3HardenedMain: Respawn #2
23855c.1cdc: supR3HardNtEnableThreadCreation:
23955c.1cdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff822e48eb0 pvNtTerminateThread=00007ff822ec16f0
24055c.1cdc: supR3HardenedWinDoReSpawn(2): New child 2294.2360 [kernel32].
24155c.1cdc: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
24255c.1cdc: supR3HardNtChildGatherData: PebBaseAddress=00007ff74b80b000 cbPeb=0x388
24355c.1cdc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff822e30000 uNtDllChildAddr=00007ff822e30000
24455c.1cdc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff822e48eb0
24555c.1cdc: supR3HardenedWinSetupChildInit: Start child.
24655c.1cdc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
24755c.1cdc: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 31 sleeps
24855c.1cdc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
24955c.1cdc: *0000000000000000-ffffffffffc1ffff 0x0001/0x0000 0x0000000
25055c.1cdc: *00000000003e0000-00000000003bffff 0x0004/0x0004 0x0020000
25155c.1cdc: *0000000000400000-00000000003f0fff 0x0002/0x0002 0x0040000
25255c.1cdc: 000000000040f000-000000000040dfff 0x0001/0x0000 0x0000000
25355c.1cdc: *0000000000410000-0000000000313fff 0x0000/0x0004 0x0020000
25455c.1cdc: 000000000050c000-0000000000508fff 0x0104/0x0004 0x0020000
25555c.1cdc: 000000000050f000-000000000050dfff 0x0004/0x0004 0x0020000
25655c.1cdc: *0000000000510000-000000000050bfff 0x0002/0x0002 0x0040000
25755c.1cdc: 0000000000514000-0000000000507fff 0x0001/0x0000 0x0000000
25855c.1cdc: *0000000000520000-000000000051dfff 0x0004/0x0004 0x0020000
25955c.1cdc: 0000000000522000-ffffffff80a63fff 0x0001/0x0000 0x0000000
26055c.1cdc: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
26155c.1cdc: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
26255c.1cdc: 000000007fff0000-ffff8009b47fffff 0x0001/0x0000 0x0000000
26355c.1cdc: *00007ff74b7e0000-00007ff74b7bcfff 0x0002/0x0002 0x0040000
26455c.1cdc: 00007ff74b803000-00007ff74b7fafff 0x0001/0x0000 0x0000000
26555c.1cdc: *00007ff74b80b000-00007ff74b809fff 0x0004/0x0004 0x0020000
26655c.1cdc: 00007ff74b80c000-00007ff74b809fff 0x0001/0x0000 0x0000000
26755c.1cdc: *00007ff74b80e000-00007ff74b80bfff 0x0004/0x0004 0x0020000
26855c.1cdc: 00007ff74b810000-00007ff74aceffff 0x0001/0x0000 0x0000000
26955c.1cdc: *00007ff74c330000-00007ff74c330fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27055c.1cdc: 00007ff74c331000-00007ff74c3b5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27155c.1cdc: 00007ff74c3b6000-00007ff74c3b6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27255c.1cdc: 00007ff74c3b7000-00007ff74c3f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27355c.1cdc: 00007ff74c3f5000-00007ff74c3f5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27455c.1cdc: 00007ff74c3f6000-00007ff74c3f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27555c.1cdc: 00007ff74c3f7000-00007ff74c3f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27655c.1cdc: 00007ff74c3f9000-00007ff74c3f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27755c.1cdc: 00007ff74c3fa000-00007ff74c3fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27855c.1cdc: 00007ff74c3fb000-00007ff74c3fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27955c.1cdc: 00007ff74c3ff000-00007ff74c437fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
28055c.1cdc: 00007ff74c438000-00007ff675a3ffff 0x0001/0x0000 0x0000000
28155c.1cdc: *00007ff822e30000-00007ff822e30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28255c.1cdc: 00007ff822e31000-00007ff822f5cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28355c.1cdc: 00007ff822f5d000-00007ff822f62fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28455c.1cdc: 00007ff822f63000-00007ff822f6ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28555c.1cdc: 00007ff822f70000-00007ff822f70fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28655c.1cdc: 00007ff822f71000-00007ff822f73fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28755c.1cdc: 00007ff822f74000-00007ff822f74fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28855c.1cdc: 00007ff822f75000-00007ff822fdbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28955c.1cdc: 00007ff822fdc000-00007ff045fd7fff 0x0001/0x0000 0x0000000
29055c.1cdc: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
29155c.1cdc: VirtualBox.exe: timestamp 0x555369a5 (rc=VINF_SUCCESS)
29255c.1cdc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
29355c.1cdc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
29455c.1cdc: supR3HardNtChildPurify: Done after 301 ms and 0 fixes (loop #0).
2952294.2360: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
2962294.2360: supR3HardenedVmProcessInit: uNtDllAddr=00007ff822e30000
2972294.2360: ntdll.dll: timestamp 0x550f4336 (rc=VINF_SUCCESS)
2982294.2360: New simple heap: #1 0000000000630000 LB 0x400000 (for 1753088 allocation)
29955c.1cdc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000a70000 LB 0x400000)
30055c.1cdc: supR3HardNtEnableThreadCreation:
3012294.2360: System32: \Device\HarddiskVolume4\Windows\System32
3022294.2360: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
3032294.2360: KnownDllPath: C:\Windows\system32
3042294.2360: supR3HardenedVmProcessInit: Opening vboxdrv...
3052294.2360: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3062294.2360: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3072294.2360: Registered Dll notification callback with NTDLL.
3082294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3092294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3102294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
3112294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3122294.2360: supR3HardenedDllNotificationCallback: load 00007ff8200a0000 LB 0x00115000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3132294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3142294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3152294.2360: supR3HardenedDllNotificationCallback: load 00007ff820830000 LB 0x0013e000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
3162294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3172294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32\KERNEL32.DLL'
3182294.2360: supR3HardenedDllNotificationCallback: load 00007ff74c330000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
3192294.2360: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3202294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3212294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3222294.2360: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff822e48eb0 pvNtTerminateThread=00007ff822ec16f0
32355c.1cdc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 91 ms.
3242294.2360: \SystemRoot\System32\ntdll.dll:
3252294.2360: CreationTime: 2015-05-30T02:05:27.727657100Z
3262294.2360: LastWriteTime: 2015-03-23T21:59:25.551884100Z
3272294.2360: ChangeTime: 2015-05-30T03:50:36.676572500Z
3282294.2360: FileAttributes: 0x20
3292294.2360: Size: 0x1a7540
3302294.2360: NT Headers: 0xd8
3312294.2360: Timestamp: 0x550f4336
3322294.2360: Machine: 0x8664 - amd64
3332294.2360: Timestamp: 0x550f4336
3342294.2360: Image Version: 6.3
3352294.2360: SizeOfImage: 0x1ac000 (1753088)
3362294.2360: Resource Dir: 0x148000 LB 0x62450
3372294.2360: ProductName: Microsoft® Windows® Operating System
3382294.2360: ProductVersion: 6.3.9600.17736
3392294.2360: FileVersion: 6.3.9600.17736 (winblue_r9.150322-1500)
3402294.2360: FileDescription: NT Layer DLL
3412294.2360: \SystemRoot\System32\kernel32.dll:
3422294.2360: CreationTime: 2015-05-30T02:09:51.777237800Z
3432294.2360: LastWriteTime: 2014-10-29T04:09:24.572407200Z
3442294.2360: ChangeTime: 2015-05-30T03:51:35.997498300Z
3452294.2360: FileAttributes: 0x20
3462294.2360: Size: 0x13fc30
3472294.2360: NT Headers: 0xf8
3482294.2360: Timestamp: 0x545054ca
3492294.2360: Machine: 0x8664 - amd64
3502294.2360: Timestamp: 0x545054ca
3512294.2360: Image Version: 6.3
3522294.2360: SizeOfImage: 0x13e000 (1302528)
3532294.2360: Resource Dir: 0x12e000 LB 0x518
3542294.2360: ProductName: Microsoft® Windows® Operating System
3552294.2360: ProductVersion: 6.3.9600.17415
3562294.2360: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
3572294.2360: FileDescription: Windows NT BASE API Client DLL
3582294.2360: \SystemRoot\System32\KernelBase.dll:
3592294.2360: CreationTime: 2015-05-30T02:11:04.152265300Z
3602294.2360: LastWriteTime: 2014-10-29T03:55:08.402989600Z
3612294.2360: ChangeTime: 2015-05-30T03:51:36.389460100Z
3622294.2360: FileAttributes: 0x20
3632294.2360: Size: 0x114a90
3642294.2360: NT Headers: 0xf0
3652294.2360: Timestamp: 0x54505737
3662294.2360: Machine: 0x8664 - amd64
3672294.2360: Timestamp: 0x54505737
3682294.2360: Image Version: 6.3
3692294.2360: SizeOfImage: 0x115000 (1134592)
3702294.2360: Resource Dir: 0x110000 LB 0x3528
3712294.2360: ProductName: Microsoft® Windows® Operating System
3722294.2360: ProductVersion: 6.3.9600.17415
3732294.2360: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
3742294.2360: FileDescription: Windows NT BASE API Client DLL
3752294.2360: \SystemRoot\System32\apisetschema.dll:
3762294.2360: CreationTime: 2013-08-22T12:13:09.745625900Z
3772294.2360: LastWriteTime: 2013-08-22T12:35:12.091034400Z
3782294.2360: ChangeTime: 2015-05-30T11:11:52.214082700Z
3792294.2360: FileAttributes: 0x20
3802294.2360: Size: 0x11360
3812294.2360: NT Headers: 0xd0
3822294.2360: Timestamp: 0x52160049
3832294.2360: Machine: 0x8664 - amd64
3842294.2360: Timestamp: 0x52160049
3852294.2360: Image Version: 6.3
3862294.2360: SizeOfImage: 0x13000 (77824)
3872294.2360: Resource Dir: 0x11000 LB 0x3f8
3882294.2360: ProductName: Microsoft® Windows® Operating System
3892294.2360: ProductVersion: 6.3.9600.16384
3902294.2360: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
3912294.2360: FileDescription: ApiSet Schema DLL
3922294.2360: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3932294.2360: supR3HardenedWinFindAdversaries: 0x0
3942294.2360: Calling main()
3952294.2360: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
3962294.2360: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3972294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3982294.2360: SUPR3HardenedMain: Final process, opening VBoxDrv...
3992294.2360: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000630000 LB 0x400000)
4002294.2360: supR3HardNtEnableThreadCreation:
4012294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4022294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4032294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4042294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4052294.2360: supR3HardenedDllNotificationCallback: load 00007ff818490000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4062294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4072294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4082294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4092294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818490000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4102294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4112294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4122294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818490000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4132294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818490000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4142294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4152294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'crypt32.dll'.
4162294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'msasn1.dll'.
4172294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
4182294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
4192294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
4202294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4212294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4222294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
4232294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
4242294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4252294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4262294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
4272294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
4282294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4302294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4312294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msasn1.dll'.
4322294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
4332294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
4342294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4352294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4362294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
4372294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
4382294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4392294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4402294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4412294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4422294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4432294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4442294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4452294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4462294.2360: supR3HardenedDllNotificationCallback: load 00007ff821120000 LB 0x000aa000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4472294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4482294.2360: supR3HardenedDllNotificationCallback: load 00007ff820030000 LB 0x00011000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
4492294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4502294.2360: supR3HardenedDllNotificationCallback: load 00007ff820220000 LB 0x001df000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
4512294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4522294.2360: supR3HardenedDllNotificationCallback: load 00007ff820b00000 LB 0x00141000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4532294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4542294.2360: supR3HardenedDllNotificationCallback: load 00007ff8201c0000 LB 0x00051000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
4552294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4562294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\system32\Wintrust.dll'
4572294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
4582294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
4592294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4602294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4612294.2360: supR3HardenedDllNotificationCallback: load 00007ff81faa0000 LB 0x00026000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
4622294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4632294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81faa0000 'C:\Windows\system32\bcrypt.dll'
4642294.2360: bcrypt.dll loaded at 00007ff81faa0000, BCryptOpenAlgorithmProvider at 00007ff81faa34a0, preloading providers:
4652294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
4662294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
4672294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4682294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4692294.2360: supR3HardenedDllNotificationCallback: load 00007ff81fde0000 LB 0x00063000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
4702294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81fde0000 'C:\Windows\system32\bcryptprimitives.dll'
4722294.2360: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000bf8ba0)
4732294.2360: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000bf8f90)
4742294.2360: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000bf90b0)
4752294.2360: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000bf9300)
4762294.2360: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000bf9420)
4772294.2360: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000bf9fb0)
4782294.2360: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000bf9c50)
4792294.2360: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000bfa0d0)
4802294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4812294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4822294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4832294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4842294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4852294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4862294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4872294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4882294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4892294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4902294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4912294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4922294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4932294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4942294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4952294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4962294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4972294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
4982294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4992294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
5002294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
5012294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
5022294.2360: supR3HardenedDllNotificationCallback: load 00007ff81f940000 LB 0x00020000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
5032294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5042294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
5052294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
5062294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
5072294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5082294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5092294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5102294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5112294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5122294.2360: supR3HardenedDllNotificationCallback: load 00007ff81f4b0000 LB 0x00036000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
5132294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5142294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
5152294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
5162294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
5172294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
5182294.2360: supR3HardenedDllNotificationCallback: load 00007ff81fe50000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
5192294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5202294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5212294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5222294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5232294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5242294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5252294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32\kernel32.dll'
5262294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5272294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
5282294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5292294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5302294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\CRYPT32.dll'
5312294.2360: supR3HardenedDllNotificationCallback: load 00007ff820c50000 LB 0x00016000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
5322294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5332294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
5342294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
5352294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5362294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5372294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5382294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5392294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5402294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
5412294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'bcrypt.dll'.
5422294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ntasn1.dll'.
5432294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ncrypt.dll)
5442294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ncrypt.dll
5452294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntasn1.dll)
5462294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntasn1.dll
5472294.2360: supR3HardenedDllNotificationCallback: load 00007ff81fa30000 LB 0x00037000 C:\Windows\SYSTEM32\NTASN1.dll [fFlags=0x0]
5482294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
5492294.2360: supR3HardenedDllNotificationCallback: load 00007ff81fa70000 LB 0x00025000 C:\Windows\SYSTEM32\ncrypt.dll [fFlags=0x0]
5502294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
5512294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
5522294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
5532294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
5542294.2360: supR3HardenedDllNotificationCallback: load 00007ff821230000 LB 0x00059000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
5552294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
5562294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5572294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
5582294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
5592294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
5602294.2360: supR3HardenedDllNotificationCallback: load 00007ff81f110000 LB 0x00024000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
5612294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
5622294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
5632294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
5642294.2360: supR3HardenedDllNotificationCallback: load 00007ff81ff80000 LB 0x00015000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
5652294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
5662294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5672294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
5682294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'wldap32.dll'.
5692294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
5702294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
5712294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
5722294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
5732294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5742294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\Wldap32.dll)
5752294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Wldap32.dll
5762294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
5772294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
5782294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5812294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5822294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5832294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5842294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5852294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5862294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5872294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5882294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5892294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5902294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5912294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntasn1.dll'...
5922294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\ntasn1.dll' [rcNtRedir=0xc0150008]
5932294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
5942294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5962294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5972294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5992294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6002294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6012294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6022294.2360: supR3HardenedDllNotificationCallback: load 00007ff8211d0000 LB 0x0005c000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
6032294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
6042294.2360: supR3HardenedDllNotificationCallback: load 00007ff818a40000 LB 0x00039000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
6052294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6062294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6072294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6082294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6092294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6102294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6112294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6122294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6132294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6142294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6152294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6162294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6172294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6182294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6192294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6212294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6222294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6232294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6242294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6252294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6262294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6272294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6282294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6292294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6302294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6312294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6322294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6332294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6342294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\system32\cryptnet.dll'
6352294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6362294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\System32\cryptnet.dll'
6372294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6382294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
6392294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
6402294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
6412294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
6422294.2360: supR3HardenedDllNotificationCallback: load 00007ff822b70000 LB 0x000aa000 C:\Windows\SYSTEM32\advapi32.dll [fFlags=0x0]
6432294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
6442294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6452294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6462294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6472294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6482294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
6492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
6502294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
6512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6532294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6542294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6552294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
6562294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6572294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6582294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
6592294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
6602294.2360: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000c4c6f0
6612294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
6622294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0C388B9F1A03B08C9E0419963B4B8BEF1136190E
6632294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6642294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6652294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820b00000 'C:\Windows\system32\rpcrt4.dll'
6662294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6672294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6682294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6692294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6702294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6722294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6732294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6742294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6752294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6762294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6772294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6782294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6792294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6802294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
6812294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6822294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6832294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
6842294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6852294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6862294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
6872294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_31_for_KB3045999~31bf3856ad364e35~amd64~~6.3.1.3.cat'; file='\SystemRoot\System32\ntdll.dll'
6882294.2360: g_pfnWinVerifyTrust=00007ff8201c1050
6892294.2360: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
6902294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6912294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6922294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
6932294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6942294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6952294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
6962294.2360: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
6972294.2360: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
6982294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6992294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7002294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7012294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
7022294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7032294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7042294.2360: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
7052294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7062294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7072294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7082294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7092294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
7102294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume4\Windows\System32\Wldap32.dll
7112294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
7122294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
7132294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BBC3979054487C3D01C936AC44608445F3BDB24A
7142294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7152294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7162294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7172294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1991_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
7182294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
7192294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
7202294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
7212294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
7222294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
7232294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CFA081F787F20E906CEFF5631F4EC1F5B874BBA5
7242294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7252294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7262294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7272294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1991_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
7282294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
7292294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
7302294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7312294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7322294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7332294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
7342294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7352294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7362294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7372294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
7382294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7392294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7402294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7412294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
7422294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7432294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7442294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7452294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntasn1.dll'
7462294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7472294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7482294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
7492294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7502294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7512294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ncrypt.dll'
7522294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7532294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7542294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7552294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7562294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
7572294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7582294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7592294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7602294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
7612294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7622294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7632294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7642294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
7652294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7662294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7672294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
7682294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7692294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7702294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
7712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7722294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7732294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
7742294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7752294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7762294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
7772294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7782294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7792294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
7802294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7812294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7822294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
7832294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7842294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
7852294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7862294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe'
7872294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7882294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7892294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
7902294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
7912294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7922294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
7932294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
7942294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
7952294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
7962294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
7972294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
7982294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
7992294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
8002294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
8012294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
8022294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
8032294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
8042294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
8052294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
8062294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
8072294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
8082294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
8092294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
8102294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
8112294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
8122294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
8132294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
8142294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
8152294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
8162294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
8172294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
8182294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
8192294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
8202294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
8212294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
8222294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
8232294.2360: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
8242294.2360: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=30
8252294.2360: SUPR3HardenedMain: Load Runtime...
8262294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
8272294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8282294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
8292294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
8302294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8312294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
8322294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8332294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8342294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8352294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
8362294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
8372294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
8382294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
8392294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
8402294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'nsi.dll'.
8412294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
8422294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll)WinVerifyTrust
8432294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
8442294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8452294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8462294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8472294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8482294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
8492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
8502294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
8512294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
8522294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll)
8532294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll
8542294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
8552294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8562294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
8572294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8582294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8592294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8602294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
8612294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8622294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8632294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8642294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
8652294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
8662294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8672294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
8682294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
8692294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
8702294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8712294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8722294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8732294.2360: supR3HardenedDllNotificationCallback: load 00000000746c0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
8742294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8752294.2360: supR3HardenedDllNotificationCallback: load 0000000074620000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
8762294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8772294.2360: supR3HardenedDllNotificationCallback: load 00007ff822e20000 LB 0x00009000 C:\Windows\system32\NSI.dll [fFlags=0x0]
8782294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
8792294.2360: supR3HardenedDllNotificationCallback: load 00007ff8227b0000 LB 0x0005a000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
8802294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
8812294.2360: supR3HardenedDllNotificationCallback: load 00007ffffe110000 LB 0x00538000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
8822294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8832294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8842294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
8852294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
8862294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rescheduled]
8872294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8882294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8892294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8902294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8912294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8922294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8932294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8942294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8952294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8962294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8972294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8982294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8992294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9002294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9012294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9022294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9032294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9042294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9052294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9062294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9072294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9082294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9092294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9102294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9112294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9122294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9132294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9142294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9152294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9162294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9172294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9182294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9192294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9222294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9232294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9242294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9252294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9262294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9272294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9282294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9292294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9302294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9312294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9322294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9332294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9342294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9352294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffe110000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9362294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\system32\Wintrust.dll'
9372294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
9382294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
9392294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
9402294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
9412294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
9422294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9432294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
9442294.2360: SUPR3HardenedMain: Load TrustedMain...
9452294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
9462294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
9472294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
9482294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
9492294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
9502294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
9512294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
9522294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
9532294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
9542294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
9552294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
9562294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
9572294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
9582294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
9592294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
9602294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
9612294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
9622294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
9632294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
9642294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
9652294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
9662294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
9672294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
9682294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
9692294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
9702294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'user32.dll'.
9712294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll)WinVerifyTrust
9722294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
9732294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
9742294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
9752294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a4 pwszName=\Device\HarddiskVolume4\Windows\System32\comdlg32.dll
9762294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
9772294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
9782294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A8D428FD3A844AF383E2EA2C23013320CECD6296
9792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9812294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
9822294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'.
9832294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
9842294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
9852294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9862294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9872294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
9882294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
9892294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
9902294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
9912294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
9922294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'.
9932294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
9942294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
9952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
9962294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
9972294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
9982294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9992294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
10002294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll)
10012294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
10022294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10032294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10042294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10052294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10062294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
10072294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
10082294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
10092294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
10102294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10112294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10122294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10132294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
10142294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
10152294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
10162294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
10172294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
10182294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10192294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
10212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
10222294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1358_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\comdlg32.dll'
10232294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10242294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10252294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
10262294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
10272294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
10282294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
10292294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
10302294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll)WinVerifyTrust
10312294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
10322294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
10332294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
10342294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10352294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10362294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
10372294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10382294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'user32.dll'.
10392294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'shlwapi.dll'.
10402294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'gdi32.dll'.
10412294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
10422294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
10432294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
10442294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
10452294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
10462294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
10472294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
10482294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
10492294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll)
10502294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll
10512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10532294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10542294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10552294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10562294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10572294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
10582294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
10592294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
10602294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10612294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
10622294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
10632294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
10642294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
10652294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10662294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10672294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10682294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10692294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10702294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10712294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10722294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10732294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10742294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10752294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10762294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10772294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10782294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10802294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10812294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10822294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10832294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
10842294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10852294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10862294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10872294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
10882294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
10892294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
10902294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10912294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10922294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10932294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10942294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10952294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
10962294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
10972294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10982294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
10992294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
11002294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll)WinVerifyTrust
11012294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
11022294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
11032294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
11042294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11052294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11062294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
11072294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
11082294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
11092294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
11102294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11112294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
11122294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
11132294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
11142294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11152294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11162294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11172294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11182294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11192294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
11212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
11222294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
11232294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
11242294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
11252294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
11262294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
11272294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll)WinVerifyTrust
11282294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
11292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
11302294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
11312294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [redoing WinVerifyTrust]
11322294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
11332294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
11342294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
11352294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11362294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11372294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
11382294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11392294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11402294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11412294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11422294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11432294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11442294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11452294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
11462294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
11472294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
11482294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
11492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11502294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11512294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
11522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11532294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11542294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
11552294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
11562294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
11572294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
11582294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11592294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11602294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
11612294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
11622294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
11632294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
11642294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
11652294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
11662294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
11672294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11682294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11692294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11702294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
11712294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
11722294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
11732294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
11742294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
11752294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
11762294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
11772294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11782294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11792294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
11812294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
11822294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
11832294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
11842294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
11852294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
11862294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
11872294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11882294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11892294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
11902294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
11912294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
11922294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
11932294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
11942294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
11952294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
11962294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
11972294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
11982294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
11992294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
12002294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
12012294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
12022294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
12032294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
12042294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
12052294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
12062294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
12072294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
12082294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
12092294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12102294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12112294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
12122294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12132294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12142294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
12152294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
12162294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
12172294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
12182294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12192294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
12202294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
12212294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
12222294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
12232294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
12242294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
12252294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
12262294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12272294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12282294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
12292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
12302294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
12312294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12322294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'.
12332294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'.
12342294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'dciman32.dll'.
12352294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll)
12362294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll
12372294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
12382294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
12392294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
12402294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12412294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
12422294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
12432294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
12442294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
12452294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12462294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12472294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
12482294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12502294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
12512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12532294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12542294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12552294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12562294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12572294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12582294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
12592294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
12602294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
12612294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
12622294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12632294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12642294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
12652294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12662294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12672294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
12682294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12692294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12702294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12712294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12722294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
12732294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
12742294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
12752294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
12762294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12772294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv)
12782294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv
12792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
12802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
12812294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
12822294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
12832294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
12842294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
12852294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
12862294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msctf.dll'.
12872294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
12882294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
12892294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12902294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12912294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
12922294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
12932294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
12942294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
12952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12962294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12972294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12992294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13002294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13012294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13022294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
13032294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13042294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13052294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
13062294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13072294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13082294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
13092294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13102294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13112294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
13122294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13132294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13142294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
13152294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
13162294.2360: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
13172294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13182294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
13192294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
13202294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'imm32.dll'.
13212294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
13222294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
13232294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13242294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13252294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13262294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13272294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13282294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13302294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13312294.2360: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
13322294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13332294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13342294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
13352294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
13362294.2360: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
13372294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13382294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
13392294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
13402294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll)
13412294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll
13422294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13432294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13442294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13452294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13462294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13472294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13482294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13502294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13532294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13542294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
13552294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
13562294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
13572294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13582294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13592294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13602294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13612294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
13622294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13632294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13642294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
13652294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
13662294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
13672294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
13682294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
13692294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
13702294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
13712294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
13722294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
13732294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13742294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13752294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13762294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13772294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13782294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
13792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13812294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
13822294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
13832294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
13842294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13852294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13862294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
13872294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
13882294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
13892294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13902294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13912294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
13922294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
13932294.2360: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
13942294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13962294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
13972294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
13982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
13992294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14002294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14012294.2360: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
14022294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005dc pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
14032294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
14042294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
14052294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2C6D4490D969C3233E8843AD4B11DB3F390C0B16
14062294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
14072294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
14082294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1537_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
14092294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14102294.2360: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
14112294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
14122294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
14132294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
14142294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14152294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
14162294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
14172294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
14182294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
14192294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
14202294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
14212294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
14222294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
14232294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
14242294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14252294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
14262294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll)
14272294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll
14282294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
14292294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14302294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
14312294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
14322294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14332294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'.
14342294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
14352294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
14362294.2360: supR3HardenedDllNotificationCallback: load 00007ff820970000 LB 0x00177000 C:\Windows\system32\USER32.dll [fFlags=0x0]
14372294.2360: supR3HardenedDllNotificationCallback: load 00007ff8206d0000 LB 0x00151000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
14382294.2360: supR3HardenedDllNotificationCallback: load 00007ff81ce10000 LB 0x00009000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
14392294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14402294.2360: supR3HardenedDllNotificationCallback: load 00007ff817840000 LB 0x000f8000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0]
14412294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
14422294.2360: supR3HardenedDllNotificationCallback: load 00007ff81cb30000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
14432294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
14442294.2360: supR3HardenedDllNotificationCallback: load 00007ff817940000 LB 0x0012b000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
14452294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
14462294.2360: supR3HardenedDllNotificationCallback: load 00007ff8204b0000 LB 0x00211000 C:\Windows\SYSTEM32\combase.dll [fFlags=0x0]
14472294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
14482294.2360: supR3HardenedDllNotificationCallback: load 00007ff822c20000 LB 0x00194000 C:\Windows\system32\ole32.dll [fFlags=0x0]
14492294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14502294.2360: supR3HardenedDllNotificationCallback: load 0000000074340000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
14512294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14522294.2360: supR3HardenedDllNotificationCallback: load 00007ff822dc0000 LB 0x00054000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
14532294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
14542294.2360: supR3HardenedDllNotificationCallback: load 00007ff805630000 LB 0x000a4000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\COMCTL32.dll [fFlags=0x0]
14552294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll [avoiding WinVerifyTrust]
14562294.2360: supR3HardenedDllNotificationCallback: load 00007ff821290000 LB 0x01518000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
14572294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
14582294.2360: supR3HardenedDllNotificationCallback: load 00007ff81e320000 LB 0x000b2000 C:\Windows\SYSTEM32\SHCORE.DLL [fFlags=0x0]
14592294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [avoiding WinVerifyTrust]
14602294.2360: supR3HardenedDllNotificationCallback: load 00007ff820ff0000 LB 0x000b6000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
14612294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
14622294.2360: supR3HardenedDllNotificationCallback: load 00007ff820f20000 LB 0x000c1000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
14632294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
14642294.2360: supR3HardenedDllNotificationCallback: load 00007ff822810000 LB 0x00152000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
14652294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [avoiding WinVerifyTrust]
14662294.2360: supR3HardenedDllNotificationCallback: load 00007ff822970000 LB 0x00036000 C:\Windows\system32\IMM32.dll [fFlags=0x0]
14672294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
14682294.2360: supR3HardenedDllNotificationCallback: load 00007ff820050000 LB 0x0004f000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
14692294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
14702294.2360: supR3HardenedDllNotificationCallback: load 00007ff81ed70000 LB 0x00028000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
14712294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
14722294.2360: supR3HardenedDllNotificationCallback: load 00007ff816210000 LB 0x0002a000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
14732294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
14742294.2360: supR3HardenedDllNotificationCallback: load 00007ff816240000 LB 0x00022000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
14752294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
14762294.2360: supR3HardenedDllNotificationCallback: load 00007ff816640000 LB 0x00082000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
14772294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
14782294.2360: supR3HardenedDllNotificationCallback: load 00000000739d0000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
14792294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
14802294.2360: supR3HardenedDllNotificationCallback: load 00000000738c0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
14812294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
14822294.2360: supR3HardenedDllNotificationCallback: load 00000000737e0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
14832294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
14842294.2360: supR3HardenedDllNotificationCallback: load 00007ffffd890000 LB 0x00875000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
14852294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
14862294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
14872294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
14882294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll'.
14892294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll' [rescheduled]
14902294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
14912294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rescheduled]
14922294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
14932294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rescheduled]
14942294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
14952294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
14962294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
14972294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rescheduled]
14982294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
14992294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
15002294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
15012294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rescheduled]
15022294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
15032294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
15042294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
15052294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
15062294.2360: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
15072294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rescheduled]
15082294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
15092294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
15102294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
15112294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rescheduled]
15122294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
15132294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
15142294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
15152294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
15162294.2360: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\imm32.dll
15172294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15182294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15192294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
15202294.2360: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
15212294.2360: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
15222294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15232294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15242294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15252294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15262294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15272294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15282294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15302294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15312294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15322294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822970000 'C:\Windows\system32\imm32.dll'
15332294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffd890000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
15342294.2360: SUPR3HardenedMain: Calling TrustedMain (00007ffffd891ca0)...
15352294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
15362294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15372294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
15382294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15392294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
15402294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
15412294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=011C79DEF7FEEC81838000B9664073BAE4A7CB92
15422294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
15432294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
15442294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1357_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
15452294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15462294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15472294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
15482294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
15492294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll)WinVerifyTrust
15502294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15532294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15542294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15552294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15562294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15572294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15582294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15592294.2360: supR3HardenedDllNotificationCallback: load 00007ff81ebf0000 LB 0x00129000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
15602294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15612294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
15622294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15632294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15642294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
15652294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15662294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15672294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
15682294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
15692294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15702294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
15712294.2360: \Device\HarddiskVolume5\Fraps\fraps64.dll: Owner is administrators group.
15722294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
15732294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15742294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15752294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume5\Fraps\fraps64.dll)WinVerifyTrust
15762294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume5\Fraps\fraps64.dll
15772294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15782294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15792294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
15802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15812294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15822294.2360: supR3HardenedMonitor_LdrLoadDll: pName=D:\Fraps\fraps64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15832294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume5\Fraps\fraps64.dll
15842294.2360: supR3HardenedDllNotificationCallback: load 0000000071620000 LB 0x00034000 D:\Fraps\fraps64.dll [fFlags=0x0]
15852294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume5\Fraps\fraps64.dll
15862294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000071620000 'D:\Fraps\fraps64.dll'
15872294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15882294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'user32.dll'.
15892294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'gdi32.dll'.
15902294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll)
15912294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
15922294.2360: supR3HardenedDllNotificationCallback: load 00007ff81e120000 LB 0x00021000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
15932294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
15942294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
15952294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
15962294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
15972294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
15982294.2360: supR3HardenedDllNotificationCallback: load 00007ff81edc0000 LB 0x0000b000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
15992294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
16002294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16012294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16022294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16032294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16042294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16052294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16062294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16072294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16082294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16092294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16102294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16112294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
16122294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'
16132294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16142294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
16152294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dwmapi.dll'
16162294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
16172294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16182294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff821290000 'C:\Windows\system32\shell32.dll'
16192294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
16202294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32\kernel32.dll'
16222294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16232294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16242294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
16252294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16262294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16272294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
16282294.2360: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
16292294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16302294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
16312294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820970000 'C:\Windows\system32\user32.dll'
16322294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16332294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16342294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ebf0000 'C:\Windows\system32\uxtheme.dll'
16352294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820970000 'C:\Windows\system32\user32.dll'
16362294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
16372294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16382294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822b70000 'C:\Windows\system32\advapi32.dll'
16392294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16402294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
16412294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16422294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
16432294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
16442294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll)WinVerifyTrust
16452294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
16462294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
16472294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
16482294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
16492294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16502294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16512294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16522294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16532294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16542294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
16552294.2360: supR3HardenedDllNotificationCallback: load 00007ff81f570000 LB 0x00021000 C:\Windows\system32\userenv.dll [fFlags=0x0]
16562294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
16572294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f570000 'C:\Windows\system32\userenv.dll'
16582294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
16592294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16602294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32\kernel32.dll'
16612294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16622294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
16632294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
16642294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
16652294.2360: supR3HardenedDllNotificationCallback: load 00007ff820c80000 LB 0x000b6000 C:\Windows\SYSTEM32\clbcatq.dll [fFlags=0x0]
16662294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\clbcatq.dll [avoiding WinVerifyTrust]
16672294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16682294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16692294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16702294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16722294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
16732294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
16742294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16752294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
16762294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
16772294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820f20000 'C:\Windows\System32\oleaut32.dll'
16782294.2360: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\sxs.dll)
16792294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sxs.dll
16802294.2360: supR3HardenedDllNotificationCallback: load 00007ff81fe60000 LB 0x00099000 C:\Windows\SYSTEM32\sxs.dll [fFlags=0x0]
16812294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\sxs.dll [avoiding WinVerifyTrust]
16822294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006f8 pwszName=\Device\HarddiskVolume4\Windows\System32\sxs.dll
16832294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
16842294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
16852294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CE9E354C30F5B2A6EDC3DE9416DF14533BE89816
16862294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16872294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
16882294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_846_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\sxs.dll'
16892294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16902294.2360: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sxs.dll'
16912294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
16922294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16932294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820f20000 'C:\Windows\system32\OLEAUT32.dll'
16942294.2360: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
16952294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16962294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
16972294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8206d0000 'C:\Windows\system32\gdi32.dll'
16982294.19dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
16992294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17002294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
17012294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
17022294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17032294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
17042294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
17052294.19dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
17062294.19dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
17072294.19dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17082294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17092294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17102294.19dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17112294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17122294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17132294.19dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17142294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17152294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17162294.19dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
17172294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17182294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17192294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17202294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17212294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17222294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17232294.19dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
17242294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17252294.19dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17262294.19dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
17272294.19dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17282294.19dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17292294.19dc: supR3HardenedDllNotificationCallback: load 00007ffffd050000 LB 0x004f9000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
17302294.19dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17312294.19dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffd050000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
17322294.1850: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17332294.1850: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17342294.1850: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17352294.1850: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17362294.1850: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
17372294.1850: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll)WinVerifyTrust
17382294.1850: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
17392294.1850: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17402294.1850: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17412294.1850: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17422294.1850: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17432294.1850: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17442294.1850: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
17452294.1850: supR3HardenedDllNotificationCallback: load 00007ff8170c0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
17462294.1850: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
17472294.1850: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8170c0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
17482294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820970000 'C:\Windows\system32\user32.dll'
17492294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
17502294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17512294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff821290000 'C:\Windows\system32\shell32.dll'
17522294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17532294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17542294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822c20000 'C:\Windows\system32\ole32.dll'
17552294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [redoing WinVerifyTrust]
17562294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17572294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
17582294.2360: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
17592294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17602294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822810000 'C:\Windows\system32\MSCTF.dll'
17612294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17622294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17632294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822c20000 'C:\Windows\system32\ole32.dll'
17642294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17652294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17662294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820f20000 'C:\Windows\system32\OLEAUT32.dll'
17672294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a8c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
17682294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
17692294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
17702294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=423F3447A3399AF560C707709A03AE5E23FA1CAD
17712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17722294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
17732294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_746_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
17742294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17752294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17762294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
17772294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
17782294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
17792294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
17802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
17812294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
17822294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a9c pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
17832294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
17842294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
17852294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3E264B83DD0BC4A26011E964C5856C40BC4FD6A4
17862294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
17872294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
17882294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_746_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
17892294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17902294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17912294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'ws2_32.dll'.
17922294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll)WinVerifyTrust
17932294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
17942294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17962294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
17972294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17992294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18002294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18012294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
18022294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18032294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18042294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18052294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
18062294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
18072294.2360: supR3HardenedDllNotificationCallback: load 00007ff818f50000 LB 0x00082000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
18082294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
18092294.2360: supR3HardenedDllNotificationCallback: load 00007ff816e50000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
18102294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
18112294.2360: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18122294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8200a0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
18132294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816e50000 'C:\Windows\system32\wbem\wbemprox.dll'
18142294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa4 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
18152294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
18162294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
18172294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=34CAAFAC191912291EB7000AE3D54335A7FD4C18
18182294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
18192294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
18212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
18222294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_746_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
18232294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18242294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18252294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
18262294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
18272294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
18282294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18292294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18302294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18312294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18322294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18332294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
18342294.2360: supR3HardenedDllNotificationCallback: load 00007ff816a10000 LB 0x00015000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
18352294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
18362294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816a10000 'C:\Windows\system32\wbem\wbemsvc.dll'
18372294.2360: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18382294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8200a0000 'api-ms-win-core-localization-l1-2-0.dll'
18392294.2360: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18402294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8200a0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
18412294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af4 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
18422294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
18432294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
18442294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=92F5EA7DEF5292B930D85382B83309F563FFA69F
18452294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
18462294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
18472294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_746_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
18482294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18492294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18502294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
18512294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
18522294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
18532294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
18542294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
18552294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
18562294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18572294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18582294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
18592294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18602294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
18612294.2360: supR3HardenedDllNotificationCallback: load 00007ff816a30000 LB 0x000fb000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
18622294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
18632294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816a30000 'C:\Windows\system32\wbem\fastprox.dll'
18642294.2360: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll' [redir]
18652294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll [redoing WinVerifyTrust]
18662294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll
18672294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
18682294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
18692294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D2439957F4F4E64F3771B4CC408D22259C95DE82
18702294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
18712294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
18722294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1358_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll'
18732294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18742294.2360: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll'
18752294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18762294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff805630000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_34aa3313958e7a52\comctl32.dll'
18772294.13ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
18782294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
18792294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
18802294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
18812294.13ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
18822294.13ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
18832294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
18842294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
18852294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
18862294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
18872294.13ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
18882294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
18892294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
18902294.13ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
18912294.13ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
18922294.13ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
18932294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18942294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18952294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18962294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18972294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
18982294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
18992294.13ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19002294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19012294.13ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19022294.13ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19032294.13ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19042294.13ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
19052294.13ac: supR3HardenedDllNotificationCallback: load 00000000736d0000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
19062294.13ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
19072294.13ac: supR3HardenedDllNotificationCallback: load 00007ff800040000 LB 0x00262000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
19082294.13ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19092294.13ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff800040000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
19102294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19112294.1404: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19122294.1404: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19132294.1404: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
19142294.1404: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
19152294.1404: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
19162294.1404: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
19172294.1404: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19182294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19192294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19202294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19212294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19222294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
19232294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
19242294.1404: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19252294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19262294.1404: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19272294.1404: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19282294.1404: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19292294.1404: supR3HardenedDllNotificationCallback: load 00007ff818a80000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
19302294.1404: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19312294.1404: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a80000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
19322294.1270: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19332294.1270: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19342294.1270: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
19352294.1270: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
19362294.1270: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
19372294.1270: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19382294.1270: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19392294.1270: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19402294.1270: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19412294.1270: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19422294.1270: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
19432294.1270: supR3HardenedDllNotificationCallback: load 00007ff8184a0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
19442294.1270: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
19452294.1270: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8184a0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
19462294.1428: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19472294.1428: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19482294.1428: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
19492294.1428: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
19502294.1428: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
19512294.1428: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
19522294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19532294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19542294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19552294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19562294.1428: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
19572294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19582294.1428: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19592294.1428: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19602294.1428: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
19612294.1428: supR3HardenedDllNotificationCallback: load 00007ff817a80000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
19622294.1428: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
19632294.1428: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff817a80000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
19642294.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19652294.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19662294.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
19672294.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
19682294.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
19692294.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
19702294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19712294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19722294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19732294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19742294.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
19752294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19762294.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19772294.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19782294.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
19792294.212c: supR3HardenedDllNotificationCallback: load 00007ff817740000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
19802294.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
19812294.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff817740000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
19822294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
19832294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19842294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff821290000 'C:\Windows\system32/Shell32.dll'
19852294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19862294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19872294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff800040000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
19882294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
19892294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19902294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
19912294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19922294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
19932294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
19942294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll)WinVerifyTrust
19952294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
19962294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19972294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19982294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
19992294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20002294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
20012294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
20022294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20032294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20042294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20052294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20062294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20072294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20082294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20092294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
20102294.5ac: supR3HardenedDllNotificationCallback: load 00007ff815400000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
20112294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
20122294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff815400000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
20132294.5ac: supR3HardenedDllNotificationCallback: Unload 00007ff815400000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
20142294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20152294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20162294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20172294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
20182294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20192294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
20202294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
20212294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
20222294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
20232294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
20242294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
20252294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
20262294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
20272294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
20282294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
20292294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
20302294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20312294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
20322294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
20332294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winnsi.dll'.
20342294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
20352294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
20362294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20372294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
20382294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
20392294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20402294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
20412294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
20422294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
20432294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
20442294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
20452294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
20462294.5ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winnsi.dll'.
20472294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
20482294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
20492294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winnsi.dll)
20502294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winnsi.dll
20512294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
20522294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
20532294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
20542294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
20552294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
20562294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
20572294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20582294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20592294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20602294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
20612294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'cfgmgr32.dll'.
20622294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
20632294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
20642294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\setupapi.dll)WinVerifyTrust
20652294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\setupapi.dll
20662294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20672294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20682294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
20692294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
20702294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20712294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20722294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
20732294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20742294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20752294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
20762294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
20772294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
20782294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20792294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20802294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
20812294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20822294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
20832294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
20842294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
20852294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
20862294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20872294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20882294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
20892294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
20902294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
20912294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20922294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20932294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
20942294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
20952294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20962294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
20972294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
20982294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
20992294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
21002294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
21012294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
21022294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
21032294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21042294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21052294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
21062294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
21072294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21082294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21092294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21102294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21112294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21122294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
21132294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume4\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
21142294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d08 pwszName=\Device\HarddiskVolume4\Windows\System32\newdev.dll
21152294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
21162294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
21172294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9B90F53BC1E04734936A6993D9005F5A7C816F8F
21182294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
21192294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
21202294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_868_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\newdev.dll'
21212294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21222294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21232294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
21242294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
21252294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
21262294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
21272294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
21282294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
21292294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\newdev.dll)WinVerifyTrust
21302294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\newdev.dll
21312294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
21322294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
21332294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
21342294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21352294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21362294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21372294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21382294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21392294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21402294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
21412294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
21422294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
21432294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
21442294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
21452294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [redoing WinVerifyTrust]
21462294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
21472294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
21482294.5ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'
21492294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
21502294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume4\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
21512294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21522294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21532294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21542294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21552294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21562294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21572294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21582294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21592294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21602294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
21612294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
21622294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
21632294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
21642294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\newdev.dll
21652294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
21662294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21672294.5ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\devrtl.dll)
21682294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devrtl.dll
21692294.5ac: supR3HardenedDllNotificationCallback: load 00007ff820d40000 LB 0x001da000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
21702294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
21712294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81b1b0000 LB 0x00016000 C:\Windows\SYSTEM32\devrtl.DLL [fFlags=0x0]
21722294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
21732294.5ac: supR3HardenedDllNotificationCallback: load 00007ff814740000 LB 0x00056000 C:\Windows\SYSTEM32\newdev.dll [fFlags=0x0]
21742294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\newdev.dll
21752294.5ac: supR3HardenedDllNotificationCallback: load 00007ff8137d0000 LB 0x00061000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
21762294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
21772294.5ac: supR3HardenedDllNotificationCallback: load 00007ff815400000 LB 0x00035000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
21782294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
21792294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81b170000 LB 0x0000a000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
21802294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
21812294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81b180000 LB 0x0002a000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
21822294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
21832294.5ac: supR3HardenedDllNotificationCallback: load 00007ffff5780000 LB 0x008d2000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
21842294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
21852294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff5780000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
21862294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d18 pwszName=\Device\HarddiskVolume4\Windows\System32\devrtl.dll
21872294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
21882294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
21892294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1BD420FD87C527DD7764DD8C12C3F1C9F0448C71
21902294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21912294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21922294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
21932294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
21942294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1966_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\devrtl.dll'
21952294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21962294.5ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\devrtl.dll'
21972294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
21982294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
21992294.5ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winnsi.dll'
22002294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22012294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
22022294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22032294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
22042294.5ac: supR3HardenedDllNotificationCallback: load 00007ff814970000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
22052294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
22062294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff814970000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
22072294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22082294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
22092294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22102294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffd050000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
22112294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22122294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
22132294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22142294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff815400000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
22152294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22162294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22172294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22182294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22192294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll)WinVerifyTrust
22202294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
22212294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22222294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22232294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22242294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22252294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22262294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
22272294.5ac: supR3HardenedDllNotificationCallback: load 00007ff815320000 LB 0x00013000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
22282294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
22292294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff815320000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
22302294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22312294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22322294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22332294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22342294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll)WinVerifyTrust
22352294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
22362294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22372294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22382294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22392294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22402294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22412294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
22422294.5ac: supR3HardenedDllNotificationCallback: load 00007ff8152c0000 LB 0x00017000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
22432294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
22442294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8152c0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
22452294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22462294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22472294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22482294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22492294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll)WinVerifyTrust
22502294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
22512294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22522294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22532294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22542294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22552294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22562294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
22572294.5ac: supR3HardenedDllNotificationCallback: load 00007ff814950000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
22582294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
22592294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff814950000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
22602294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22612294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22622294.12d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22632294.12d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22642294.12d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
22652294.12d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22662294.12d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
22672294.12d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
22682294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22692294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22702294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
22712294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
22722294.12d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22732294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22742294.12d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22752294.12d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22762294.12d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
22772294.12d8: supR3HardenedDllNotificationCallback: load 00007ff8152b0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
22782294.12d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
22792294.12d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8152b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
22802294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22812294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
22822294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22832294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22842294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll)WinVerifyTrust
22852294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
22862294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22872294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22882294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22892294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22902294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22912294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
22922294.5ac: supR3HardenedDllNotificationCallback: load 00007ff817030000 LB 0x00009000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
22932294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
22942294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff817030000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
22952294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
22962294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22972294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81b180000 'C:\Windows\system32/Iphlpapi.dll'
22982294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
22992294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
23002294.5ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll)
23012294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
23022294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81a850000 LB 0x00016000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
23032294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
23042294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
23052294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
23062294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
23072294.5ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll)
23082294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
23092294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81a830000 LB 0x0001a000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
23102294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
23112294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e44 pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
23122294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
23132294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
23142294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7A32ED884F605C3353300D1165178C01A252E7
23152294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
23162294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
23172294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
23182294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23192294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
23202294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
23212294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23222294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23232294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23242294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
23252294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23262294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23272294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
23282294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
23292294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1995_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
23302294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23312294.5ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
23322294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e38 pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
23332294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
23342294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
23352294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=852EBF87DB04C5286E131027705696EE75673482
23362294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
23372294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
23382294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1995_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
23392294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23402294.5ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
23412294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000edc pwszName=\Device\HarddiskVolume4\Windows\System32\dsound.dll
23422294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
23432294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
23442294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DF2CE4B6EA46F5759902C86AAA15DD883AC6DD4E
23452294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
23462294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
23472294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_779_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\dsound.dll'
23482294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23492294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23502294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23512294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
23522294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
23532294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
23542294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
23552294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dsound.dll)WinVerifyTrust
23562294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dsound.dll
23572294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
23582294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
23592294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
23602294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
23612294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23622294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
23632294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)WinVerifyTrust
23642294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
23652294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23662294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
23672294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
23682294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23692294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23702294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23712294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23722294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23732294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23742294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23752294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23762294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23772294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23782294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23792294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23802294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
23812294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
23822294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\powrprof.dll
23832294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81ff20000 LB 0x00046000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
23842294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\powrprof.dll
23852294.5ac: supR3HardenedDllNotificationCallback: load 00007ff8155d0000 LB 0x0009d000 C:\Windows\System32\dsound.dll [fFlags=0x0]
23862294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
23872294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
23882294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23892294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8155d0000 'C:\Windows\System32\dsound.dll'
23902294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8155d0000 'C:\Windows\System32\dsound.dll'
23912294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
23922294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
23932294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23942294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'rpcrt4.dll'.
23952294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'devobj.dll'.
23962294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll)WinVerifyTrust
23972294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
23982294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
23992294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
24002294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [redoing WinVerifyTrust]
24012294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24022294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
24032294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24042294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24052294.5ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\devobj.dll'
24062294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24072294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24082294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24092294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24102294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
24112294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
24122294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81d410000 LB 0x00070000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
24132294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
24142294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81d410000 'C:\Windows\System32\MMDevApi.dll'
24152294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
24162294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24172294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81d410000 'C:\Windows\system32\MMDEVAPI.DLL'
24182294.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24192294.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24202294.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24212294.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
24222294.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
24232294.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'mmdevapi.dll'.
24242294.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
24252294.2064: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll)WinVerifyTrust
24262294.2064: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
24272294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24282294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24292294.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
24302294.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24312294.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24322294.2064: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
24332294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
24342294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
24352294.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
24362294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24372294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24382294.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
24392294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24402294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24412294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24422294.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24432294.2064: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24442294.2064: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
24452294.2064: supR3HardenedDllNotificationCallback: load 00007ff811520000 LB 0x0007e000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
24462294.2064: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
24472294.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff811520000 'C:\Windows\system32\AUDIOSES.DLL'
24482294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
24492294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24502294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
24512294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f14 pwszName=\Device\HarddiskVolume4\Windows\System32\wdmaud.drv
24522294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
24532294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
24542294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=39D0975C289FEE943955B8CE81B02A0395FAA747
24552294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24562294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24572294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_779_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\wdmaud.drv'
24582294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24592294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24602294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'mmdevapi.dll'.
24612294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'.
24622294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'winmm.dll'.
24632294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'.
24642294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'avrt.dll'.
24652294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv)WinVerifyTrust
24662294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
24672294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
24682294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
24692294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24702294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24712294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll)WinVerifyTrust
24722294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
24732294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
24742294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
24752294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
24762294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
24772294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24782294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll)WinVerifyTrust
24792294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
24802294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
24812294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
24822294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
24832294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24842294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24852294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
24862294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
24872294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
24882294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24892294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24902294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24912294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24922294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24932294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
24942294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
24952294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
24962294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81aa30000 LB 0x00008000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0]
24972294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
24982294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81def0000 LB 0x0000c000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0]
24992294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
25002294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81ab50000 LB 0x0003e000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
25012294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25022294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25032294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25042294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25052294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25062294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25072294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25082294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25092294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25102294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25112294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25122294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25132294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25142294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25152294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25162294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25172294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25182294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25192294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25202294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25212294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25222294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25232294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25242294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25252294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25262294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25272294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25282294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
25292294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25302294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25312294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25322294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25332294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25342294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25352294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25362294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25372294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25382294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25392294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25402294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25412294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ab50000 'C:\Windows\system32\wdmaud.drv'
25422294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f9c pwszName=\Device\HarddiskVolume4\Windows\System32\msacm32.drv
25432294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
25442294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
25452294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FC41C5E1A841A83249581F1B29E14A708B8981A9
25462294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
25472294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
25482294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_779_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\msacm32.drv'
25492294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25502294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25512294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
25522294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
25532294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
25542294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
25552294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv)WinVerifyTrust
25562294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25572294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
25582294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
25592294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
25602294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
25612294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
25622294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
25632294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
25642294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25652294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll)WinVerifyTrust
25662294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
25672294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
25682294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
25692294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
25702294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25712294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25722294.5ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
25732294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25742294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25752294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25762294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25772294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25782294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25792294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
25802294.5ac: supR3HardenedDllNotificationCallback: load 00007ff818c70000 LB 0x0001c000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0]
25812294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
25822294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81cb10000 LB 0x0000b000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
25832294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25842294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
25852294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25862294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25872294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
25882294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25892294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25902294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
25912294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25922294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25932294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
25942294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25952294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25962294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
25972294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
25982294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25992294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
26002294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
26012294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26022294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
26032294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
26042294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
26052294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81cb10000 'C:\Windows\system32\msacm32.drv'
26062294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ef0 pwszName=\Device\HarddiskVolume4\Windows\System32\midimap.dll
26072294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
26082294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
26092294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A0F2984C30BFC77017EA7B9BF6F656853E29D991
26102294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
26112294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
26122294.5ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_779_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\midimap.dll'
26132294.5ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26142294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26152294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
26162294.5ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
26172294.5ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\midimap.dll)WinVerifyTrust
26182294.5ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
26192294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
26202294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
26212294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26222294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26232294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26242294.5ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26252294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26262294.5ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
26272294.5ac: supR3HardenedDllNotificationCallback: load 00007ff81b4b0000 LB 0x0000a000 C:\Windows\system32\midimap.dll [fFlags=0x0]
26282294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
26292294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81b4b0000 'C:\Windows\system32\midimap.dll'
26302294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
26312294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26322294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81b4b0000 'C:\Windows\system32\midimap.dll'
26332294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
26342294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26352294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81b4b0000 'C:\Windows\system32\midimap.dll'
26362294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
26372294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26382294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81b4b0000 'C:\Windows\system32\midimap.dll'
26392294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26402294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26412294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26422294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26432294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26442294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26452294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
26462294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26472294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26482294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26492294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26502294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26512294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26522294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26532294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26542294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26552294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26562294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26572294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26582294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\system32\winmm.dll'
26592294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff800040000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
26602294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
26612294.5ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
26622294.5ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26632294.5ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820830000 'C:\Windows\system32/kernel32.dll'
26642294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000710 pwszName=\Device\HarddiskVolume4\Windows\System32\mscms.dll
26652294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
26662294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
26672294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C01A2E8CE3347A322BF0830A5BC147EBA8BAD06F
26682294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
26692294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
26702294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1529_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\mscms.dll'
26712294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26722294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26732294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
26742294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mscms.dll)WinVerifyTrust
26752294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mscms.dll
26762294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
26772294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
26782294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
26792294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26802294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26812294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mscms.dll (Input=mscms.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26822294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
26832294.2360: supR3HardenedDllNotificationCallback: load 00007ff8091d0000 LB 0x00092000 C:\Windows\system32\mscms.dll [fFlags=0x0]
26842294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
26852294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8091d0000 'C:\Windows\system32\mscms.dll'
26862294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001098 pwszName=\Device\HarddiskVolume4\Windows\System32\icm32.dll
26872294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
26882294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
26892294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=47D46A3D26A83E75181F440594F6DC145125C84E
26902294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
26912294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
26922294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1529_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\icm32.dll'
26932294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26942294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26952294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
26962294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\icm32.dll)WinVerifyTrust
26972294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\icm32.dll
26982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
26992294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume4\Windows\System32\mscms.dll' [rcNtRedir=0xc0150008]
27002294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
27012294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27022294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27032294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\icm32.dll (Input=icm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
27042294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\icm32.dll
27052294.2360: supR3HardenedDllNotificationCallback: load 00007ff816750000 LB 0x00041000 C:\Windows\system32\icm32.dll [fFlags=0x0]
27062294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\icm32.dll
27072294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816750000 'C:\Windows\system32\icm32.dll'
27082294.46c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
27092294.46c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27102294.46c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81def0000 'C:\Windows\system32\avrt.dll'
27112294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820970000 'C:\Windows\system32\user32.dll'
27122294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff816240000 'C:\Windows\SYSTEM32\WINMM.dll'
27132294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822c20000 'C:\Windows\system32\ole32.dll'
27142294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000106c pwszName=\Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
27152294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
27162294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
27172294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8201c0000 'C:\Windows\System32\WINTRUST.DLL'
27182294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\CRYPT32.dll'
27192294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E44A2AC53DCA307CA985CD7B698D342049C4465
27202294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
27212294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
27222294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2947_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
27232294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27242294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27252294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
27262294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'.
27272294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'combase.dll'.
27282294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll)WinVerifyTrust
27292294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
27302294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27312294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27322294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
27332294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27342294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27352294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27362294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27372294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27382294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27392294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27402294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
27412294.2360: supR3HardenedDllNotificationCallback: load 00007ff81ca60000 LB 0x000ab000 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll [fFlags=0x0]
27422294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
27432294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ca60000 'C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
27442294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
27452294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27462294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822810000 'C:\Windows\system32\msctf.dll'
27472294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
27482294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27492294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81ca60000 'C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
27502294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
27512294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (Input=msctf.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
27522294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822810000 'C:\Windows\system32\msctf.dll'
27532294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007a0 pwszName=\Device\HarddiskVolume4\Windows\System32\oleacc.dll
27542294.2360: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c4c6f0
27552294.2360: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c4c6f0
27562294.2360: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EA90B8085DA7E4B980883F7A985A08EB765E955
27572294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
27582294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820220000 'C:\Windows\system32\crypt32.dll'
27592294.2360: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1536_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
27602294.2360: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27612294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27622294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
27632294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
27642294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'.
27652294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleacc.dll)WinVerifyTrust
27662294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleacc.dll
27672294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27682294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27692294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
27702294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27712294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27722294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27732294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27742294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27752294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27762294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleacc.dll (Input=oleacc.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27772294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
27782294.2360: supR3HardenedDllNotificationCallback: load 00007ff81beb0000 LB 0x0006a000 C:\Windows\system32\oleacc.dll [fFlags=0x0]
27792294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
27802294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81beb0000 'C:\Windows\system32\oleacc.dll'
27812294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820f20000 'C:\Windows\system32\OLEAUT32.DLL'
27822294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
27832294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27842294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81beb0000 'C:\Windows\system32\oleacc.dll'
27852294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81f4b0000 'C:\Windows\system32\rsaenh.dll'
27862294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818a40000 'C:\Windows\System32\cryptnet.dll'
27872294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qtguivbox4.dll'.
27882294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
27892294.2360: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
27902294.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll)WinVerifyTrust
27912294.2360: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
27922294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27932294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27942294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
27952294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
27962294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
27972294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
27982294.2360: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
27992294.2360: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
28002294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28012294.2360: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
28022294.2360: supR3HardenedDllNotificationCallback: load 00007ff80c2c0000 LB 0x0003b000 C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll [fFlags=0x0]
28032294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
28042294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff80c2c0000 'C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll'
28052294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
28062294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28072294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81beb0000 'C:\Windows\System32\oleacc.dll'
28082294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
28092294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (Input=msctf.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28102294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822810000 'C:\Windows\system32\msctf.dll'
28112294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff820970000 'C:\Windows\system32\user32.dll'
28122294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
28132294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28142294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff821290000 'C:\Windows\system32\shell32.dll'
28152294.2360: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
28162294.2360: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll (Input=msctf.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28172294.2360: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822810000 'C:\Windows\system32\msctf.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy