VirtualBox

Ticket #14460: VBoxStartup.log

File VBoxStartup.log, 204.1 KB (added by _Dale_, 9 years ago)

Logfile from Virtualbox LOG directory

Line 
12a1c.2e38: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000058 g_uNtVerCombined=0xa0280000
22a1c.2e38: \SystemRoot\System32\ntdll.dll:
32a1c.2e38: CreationTime: 2015-08-11T22:39:33.379985300Z
42a1c.2e38: LastWriteTime: 2015-08-08T07:29:58.168349600Z
52a1c.2e38: ChangeTime: 2015-08-12T07:01:01.158849400Z
62a1c.2e38: FileAttributes: 0x20
72a1c.2e38: Size: 0x1bce48
82a1c.2e38: NT Headers: 0xd8
92a1c.2e38: Timestamp: 0x55c59f92
102a1c.2e38: Machine: 0x8664 - amd64
112a1c.2e38: Timestamp: 0x55c59f92
122a1c.2e38: Image Version: 10.0
132a1c.2e38: SizeOfImage: 0x1c1000 (1839104)
142a1c.2e38: Resource Dir: 0x15a000 LB 0x65718
152a1c.2e38: ProductName: Microsoft® Windows® Operating System
162a1c.2e38: ProductVersion: 10.0.10240.16430
172a1c.2e38: FileVersion: 10.0.10240.16430 (th1.150807-2049)
182a1c.2e38: FileDescription: NT Layer DLL
192a1c.2e38: \SystemRoot\System32\kernel32.dll:
202a1c.2e38: CreationTime: 2015-07-10T10:59:59.699781600Z
212a1c.2e38: LastWriteTime: 2015-07-10T10:59:59.699781600Z
222a1c.2e38: ChangeTime: 2015-08-03T23:47:06.262647800Z
232a1c.2e38: FileAttributes: 0x20
242a1c.2e38: Size: 0xab830
252a1c.2e38: NT Headers: 0xf0
262a1c.2e38: Timestamp: 0x559f38ad
272a1c.2e38: Machine: 0x8664 - amd64
282a1c.2e38: Timestamp: 0x559f38ad
292a1c.2e38: Image Version: 10.0
302a1c.2e38: SizeOfImage: 0xad000 (708608)
312a1c.2e38: Resource Dir: 0xab000 LB 0x518
322a1c.2e38: ProductName: Microsoft® Windows® Operating System
332a1c.2e38: ProductVersion: 10.0.10240.16384
342a1c.2e38: FileVersion: 10.0.10240.16384 (th1.150709-1700)
352a1c.2e38: FileDescription: Windows NT BASE API Client DLL
362a1c.2e38: \SystemRoot\System32\KernelBase.dll:
372a1c.2e38: CreationTime: 2015-07-10T11:00:10.325689700Z
382a1c.2e38: LastWriteTime: 2015-07-10T11:00:10.325689700Z
392a1c.2e38: ChangeTime: 2015-08-03T23:47:06.278273600Z
402a1c.2e38: FileAttributes: 0x20
412a1c.2e38: Size: 0x1dc680
422a1c.2e38: NT Headers: 0x100
432a1c.2e38: Timestamp: 0x559f38c3
442a1c.2e38: Machine: 0x8664 - amd64
452a1c.2e38: Timestamp: 0x559f38c3
462a1c.2e38: Image Version: 10.0
472a1c.2e38: SizeOfImage: 0x1dd000 (1953792)
482a1c.2e38: Resource Dir: 0x1c7000 LB 0x530
492a1c.2e38: ProductName: Microsoft® Windows® Operating System
502a1c.2e38: ProductVersion: 10.0.10240.16384
512a1c.2e38: FileVersion: 10.0.10240.16384 (th1.150709-1700)
522a1c.2e38: FileDescription: Windows NT BASE API Client DLL
532a1c.2e38: \SystemRoot\System32\apisetschema.dll:
542a1c.2e38: CreationTime: 2015-07-10T11:00:04.872098600Z
552a1c.2e38: LastWriteTime: 2015-07-10T11:00:04.872098600Z
562a1c.2e38: ChangeTime: 2015-08-03T23:47:05.043835000Z
572a1c.2e38: FileAttributes: 0x20
582a1c.2e38: Size: 0x16760
592a1c.2e38: NT Headers: 0xc8
602a1c.2e38: Timestamp: 0x559f3e3d
612a1c.2e38: Machine: 0x8664 - amd64
622a1c.2e38: Timestamp: 0x559f3e3d
632a1c.2e38: Image Version: 10.0
642a1c.2e38: SizeOfImage: 0x17000 (94208)
652a1c.2e38: Resource Dir: 0x16000 LB 0x3f0
662a1c.2e38: ProductName: Microsoft® Windows® Operating System
672a1c.2e38: ProductVersion: 10.0.10240.16384
682a1c.2e38: FileVersion: 10.0.10240.16384 (th1.150709-1700)
692a1c.2e38: FileDescription: ApiSet Schema DLL
702a1c.2e38: NtOpenDirectoryObject failed on \Driver: 0xc0000022
712a1c.2e38: supR3HardenedWinFindAdversaries: 0x0
722a1c.2e38: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
732a1c.2e38: Calling main()
742a1c.2e38: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
752a1c.2e38: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
762a1c.2e38: SUPR3HardenedMain: Respawn #1
772a1c.2e38: System32: \Device\HarddiskVolume3\Windows\System32
782a1c.2e38: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
792a1c.2e38: KnownDllPath: C:\WINDOWS\system32
802a1c.2e38: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
812a1c.2e38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
822a1c.2e38: supR3HardNtEnableThreadCreation:
832a1c.2e38: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd2727fb70 pvNtTerminateThread=00007ffd272a3a20
842a1c.2e38: supR3HardenedWinDoReSpawn(1): New child 2964.26dc [kernel32].
852a1c.2e38: supR3HardNtChildGatherData: PebBaseAddress=00007ff79d92f000 cbPeb=0x388
862a1c.2e38: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd27210000 uNtDllChildAddr=00007ffd27210000
872a1c.2e38: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd2727fb70
882a1c.2e38: supR3HardenedWinSetupChildInit: Start child.
892a1c.2e38: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
902a1c.2e38: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 31 sleeps
912a1c.2e38: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
922a1c.2e38: *0000000000000000-ffffffffff86ffff 0x0001/0x0000 0x0000000
932a1c.2e38: *0000000000790000-000000000076ffff 0x0004/0x0004 0x0020000
942a1c.2e38: *00000000007b0000-000000000079bfff 0x0002/0x0002 0x0040000
952a1c.2e38: 00000000007c4000-00000000007b7fff 0x0001/0x0000 0x0000000
962a1c.2e38: *00000000007d0000-00000000006d3fff 0x0000/0x0004 0x0020000
972a1c.2e38: 00000000008cc000-00000000008c8fff 0x0104/0x0004 0x0020000
982a1c.2e38: 00000000008cf000-00000000008cdfff 0x0004/0x0004 0x0020000
992a1c.2e38: *00000000008d0000-00000000008cbfff 0x0002/0x0002 0x0040000
1002a1c.2e38: 00000000008d4000-00000000008c7fff 0x0001/0x0000 0x0000000
1012a1c.2e38: *00000000008e0000-00000000008ddfff 0x0004/0x0004 0x0020000
1022a1c.2e38: 00000000008e2000-ffffffff811e3fff 0x0001/0x0000 0x0000000
1032a1c.2e38: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1042a1c.2e38: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1052a1c.2e38: 000000007fff0000-ffff8009626dffff 0x0001/0x0000 0x0000000
1062a1c.2e38: *00007ff79d900000-00007ff79d8dcfff 0x0002/0x0002 0x0040000
1072a1c.2e38: 00007ff79d923000-00007ff79d918fff 0x0001/0x0000 0x0000000
1082a1c.2e38: *00007ff79d92d000-00007ff79d92afff 0x0004/0x0004 0x0020000
1092a1c.2e38: *00007ff79d92f000-00007ff79d92dfff 0x0004/0x0004 0x0020000
1102a1c.2e38: 00007ff79d930000-00007ff79d62ffff 0x0001/0x0000 0x0000000
1112a1c.2e38: *00007ff79dc30000-00007ff79dc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1122a1c.2e38: 00007ff79dc31000-00007ff79dcb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1132a1c.2e38: 00007ff79dcb7000-00007ff79dcb7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1142a1c.2e38: 00007ff79dcb8000-00007ff79dd01fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1152a1c.2e38: 00007ff79dd02000-00007ff79dd02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1162a1c.2e38: 00007ff79dd03000-00007ff79dd03fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1172a1c.2e38: 00007ff79dd04000-00007ff79dd05fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1182a1c.2e38: 00007ff79dd06000-00007ff79dd06fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1192a1c.2e38: 00007ff79dd07000-00007ff79dd07fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1202a1c.2e38: 00007ff79dd08000-00007ff79dd0bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1212a1c.2e38: 00007ff79dd0c000-00007ff79dd55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1222a1c.2e38: 00007ff79dd56000-00007ff21489bfff 0x0001/0x0000 0x0000000
1232a1c.2e38: *00007ffd27210000-00007ffd27210fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1242a1c.2e38: 00007ffd27211000-00007ffd2730cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1252a1c.2e38: 00007ffd2730d000-00007ffd2734efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1262a1c.2e38: 00007ffd2734f000-00007ffd27357fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1272a1c.2e38: 00007ffd27358000-00007ffd27365fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1282a1c.2e38: 00007ffd27366000-00007ffd27366fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1292a1c.2e38: 00007ffd27367000-00007ffd27369fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1302a1c.2e38: 00007ffd2736a000-00007ffd273d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1312a1c.2e38: 00007ffd273d1000-00007ffa4e7c1fff 0x0001/0x0000 0x0000000
1322a1c.2e38: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
1332a1c.2e38: VirtualBox.exe: timestamp 0x55ccc4d5 (rc=VINF_SUCCESS)
1342a1c.2e38: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1352a1c.2e38: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1362a1c.2e38: supR3HardNtChildPurify: Done after 283 ms and 0 fixes (loop #0).
1372a1c.2e38: supR3HardNtEnableThreadCreation:
1382964.26dc: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000
1392964.26dc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd27210000
1402964.26dc: ntdll.dll: timestamp 0x55c59f92 (rc=VINF_SUCCESS)
1412964.26dc: New simple heap: #1 00000000009f0000 LB 0x400000 (for 1839104 allocation)
1422964.26dc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1432964.26dc: System32: \Device\HarddiskVolume3\Windows\System32
1442964.26dc: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
1452964.26dc: KnownDllPath: C:\WINDOWS\system32
1462964.26dc: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1472964.26dc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1482964.26dc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1492964.26dc: Registered Dll notification callback with NTDLL.
1502964.26dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
1512964.26dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1522964.26dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
1532964.26dc: supR3HardenedDllNotificationCallback: load 00007ffd246e0000 LB 0x001dd000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
1542964.26dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
1552964.26dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1562964.26dc: supR3HardenedDllNotificationCallback: load 00007ffd24980000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0]
1572964.26dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1582964.26dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24980000 'C:\WINDOWS\system32\KERNEL32.DLL'
1592964.26dc: supR3HardenedDllNotificationCallback: load 00007ff79dc30000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
1602964.26dc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1612964.26dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1622964.26dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1632964.26dc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd2727fb70 pvNtTerminateThread=00007ffd272a3a20
1642a1c.2e38: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 58 ms.
1652964.26dc: \SystemRoot\System32\ntdll.dll:
1662964.26dc: CreationTime: 2015-08-11T22:39:33.379985300Z
1672964.26dc: LastWriteTime: 2015-08-08T07:29:58.168349600Z
1682964.26dc: ChangeTime: 2015-08-12T07:01:01.158849400Z
1692964.26dc: FileAttributes: 0x20
1702964.26dc: Size: 0x1bce48
1712964.26dc: NT Headers: 0xd8
1722964.26dc: Timestamp: 0x55c59f92
1732964.26dc: Machine: 0x8664 - amd64
1742964.26dc: Timestamp: 0x55c59f92
1752964.26dc: Image Version: 10.0
1762964.26dc: SizeOfImage: 0x1c1000 (1839104)
1772964.26dc: Resource Dir: 0x15a000 LB 0x65718
1782964.26dc: ProductName: Microsoft® Windows® Operating System
1792964.26dc: ProductVersion: 10.0.10240.16430
1802964.26dc: FileVersion: 10.0.10240.16430 (th1.150807-2049)
1812964.26dc: FileDescription: NT Layer DLL
1822964.26dc: \SystemRoot\System32\kernel32.dll:
1832964.26dc: CreationTime: 2015-07-10T10:59:59.699781600Z
1842964.26dc: LastWriteTime: 2015-07-10T10:59:59.699781600Z
1852964.26dc: ChangeTime: 2015-08-03T23:47:06.262647800Z
1862964.26dc: FileAttributes: 0x20
1872964.26dc: Size: 0xab830
1882964.26dc: NT Headers: 0xf0
1892964.26dc: Timestamp: 0x559f38ad
1902964.26dc: Machine: 0x8664 - amd64
1912964.26dc: Timestamp: 0x559f38ad
1922964.26dc: Image Version: 10.0
1932964.26dc: SizeOfImage: 0xad000 (708608)
1942964.26dc: Resource Dir: 0xab000 LB 0x518
1952964.26dc: ProductName: Microsoft® Windows® Operating System
1962964.26dc: ProductVersion: 10.0.10240.16384
1972964.26dc: FileVersion: 10.0.10240.16384 (th1.150709-1700)
1982964.26dc: FileDescription: Windows NT BASE API Client DLL
1992964.26dc: \SystemRoot\System32\KernelBase.dll:
2002964.26dc: CreationTime: 2015-07-10T11:00:10.325689700Z
2012964.26dc: LastWriteTime: 2015-07-10T11:00:10.325689700Z
2022964.26dc: ChangeTime: 2015-08-03T23:47:06.278273600Z
2032964.26dc: FileAttributes: 0x20
2042964.26dc: Size: 0x1dc680
2052964.26dc: NT Headers: 0x100
2062964.26dc: Timestamp: 0x559f38c3
2072964.26dc: Machine: 0x8664 - amd64
2082964.26dc: Timestamp: 0x559f38c3
2092964.26dc: Image Version: 10.0
2102964.26dc: SizeOfImage: 0x1dd000 (1953792)
2112964.26dc: Resource Dir: 0x1c7000 LB 0x530
2122964.26dc: ProductName: Microsoft® Windows® Operating System
2132964.26dc: ProductVersion: 10.0.10240.16384
2142964.26dc: FileVersion: 10.0.10240.16384 (th1.150709-1700)
2152964.26dc: FileDescription: Windows NT BASE API Client DLL
2162964.26dc: \SystemRoot\System32\apisetschema.dll:
2172964.26dc: CreationTime: 2015-07-10T11:00:04.872098600Z
2182964.26dc: LastWriteTime: 2015-07-10T11:00:04.872098600Z
2192964.26dc: ChangeTime: 2015-08-03T23:47:05.043835000Z
2202964.26dc: FileAttributes: 0x20
2212964.26dc: Size: 0x16760
2222964.26dc: NT Headers: 0xc8
2232964.26dc: Timestamp: 0x559f3e3d
2242964.26dc: Machine: 0x8664 - amd64
2252964.26dc: Timestamp: 0x559f3e3d
2262964.26dc: Image Version: 10.0
2272964.26dc: SizeOfImage: 0x17000 (94208)
2282964.26dc: Resource Dir: 0x16000 LB 0x3f0
2292964.26dc: ProductName: Microsoft® Windows® Operating System
2302964.26dc: ProductVersion: 10.0.10240.16384
2312964.26dc: FileVersion: 10.0.10240.16384 (th1.150709-1700)
2322964.26dc: FileDescription: ApiSet Schema DLL
2332964.26dc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2342964.26dc: supR3HardenedWinFindAdversaries: 0x0
2352964.26dc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2362964.26dc: Calling main()
2372964.26dc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2382964.26dc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2392964.26dc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2402964.26dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2412964.26dc: SUPR3HardenedMain: Respawn #2
2422964.26dc: supR3HardNtEnableThreadCreation:
2432964.26dc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd2727fb70 pvNtTerminateThread=00007ffd272a3a20
2442964.26dc: supR3HardenedWinDoReSpawn(2): New child 2dd4.2f8c [kernel32].
2452964.26dc: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
2462964.26dc: supR3HardNtChildGatherData: PebBaseAddress=00007ff79d116000 cbPeb=0x388
2472964.26dc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd27210000 uNtDllChildAddr=00007ffd27210000
2482964.26dc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd2727fb70
2492964.26dc: supR3HardenedWinSetupChildInit: Start child.
2502964.26dc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2512964.26dc: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 30 sleeps
2522964.26dc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2532964.26dc: *0000000000000000-ffffffffffd3ffff 0x0001/0x0000 0x0000000
2542964.26dc: *00000000002c0000-000000000029ffff 0x0004/0x0004 0x0020000
2552964.26dc: *00000000002e0000-00000000002cbfff 0x0002/0x0002 0x0040000
2562964.26dc: 00000000002f4000-00000000002e7fff 0x0001/0x0000 0x0000000
2572964.26dc: *0000000000300000-0000000000203fff 0x0000/0x0004 0x0020000
2582964.26dc: 00000000003fc000-00000000003f8fff 0x0104/0x0004 0x0020000
2592964.26dc: 00000000003ff000-00000000003fdfff 0x0004/0x0004 0x0020000
2602964.26dc: *0000000000400000-00000000003fbfff 0x0002/0x0002 0x0040000
2612964.26dc: 0000000000404000-00000000003f7fff 0x0001/0x0000 0x0000000
2622964.26dc: *0000000000410000-000000000040dfff 0x0004/0x0004 0x0020000
2632964.26dc: 0000000000412000-ffffffff80843fff 0x0001/0x0000 0x0000000
2642964.26dc: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2652964.26dc: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2662964.26dc: 000000007fff0000-ffff800962eeffff 0x0001/0x0000 0x0000000
2672964.26dc: *00007ff79d0f0000-00007ff79d0ccfff 0x0002/0x0002 0x0040000
2682964.26dc: 00007ff79d113000-00007ff79d10ffff 0x0001/0x0000 0x0000000
2692964.26dc: *00007ff79d116000-00007ff79d114fff 0x0004/0x0004 0x0020000
2702964.26dc: 00007ff79d117000-00007ff79d10ffff 0x0001/0x0000 0x0000000
2712964.26dc: *00007ff79d11e000-00007ff79d11bfff 0x0004/0x0004 0x0020000
2722964.26dc: 00007ff79d120000-00007ff79c60ffff 0x0001/0x0000 0x0000000
2732964.26dc: *00007ff79dc30000-00007ff79dc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2742964.26dc: 00007ff79dc31000-00007ff79dcb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2752964.26dc: 00007ff79dcb7000-00007ff79dcb7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2762964.26dc: 00007ff79dcb8000-00007ff79dd01fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2772964.26dc: 00007ff79dd02000-00007ff79dd02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2782964.26dc: 00007ff79dd03000-00007ff79dd03fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2792964.26dc: 00007ff79dd04000-00007ff79dd05fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2802964.26dc: 00007ff79dd06000-00007ff79dd06fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2812964.26dc: 00007ff79dd07000-00007ff79dd07fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2822964.26dc: 00007ff79dd08000-00007ff79dd0bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2832964.26dc: 00007ff79dd0c000-00007ff79dd55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2842964.26dc: 00007ff79dd56000-00007ff21489bfff 0x0001/0x0000 0x0000000
2852964.26dc: *00007ffd27210000-00007ffd27210fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2862964.26dc: 00007ffd27211000-00007ffd2730cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2872964.26dc: 00007ffd2730d000-00007ffd2734efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2882964.26dc: 00007ffd2734f000-00007ffd27357fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2892964.26dc: 00007ffd27358000-00007ffd27365fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2902964.26dc: 00007ffd27366000-00007ffd27366fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2912964.26dc: 00007ffd27367000-00007ffd27369fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2922964.26dc: 00007ffd2736a000-00007ffd273d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2932964.26dc: 00007ffd273d1000-00007ffa4e7c1fff 0x0001/0x0000 0x0000000
2942964.26dc: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
2952964.26dc: VirtualBox.exe: timestamp 0x55ccc4d5 (rc=VINF_SUCCESS)
2962964.26dc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2972964.26dc: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2982964.26dc: supR3HardNtChildPurify: Done after 283 ms and 0 fixes (loop #0).
2992964.26dc: supR3HardenedEarlyCompact: Removed heap 1 (0x000000009f0000 LB 0x400000)
3002dd4.2f8c: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000
3012964.26dc: supR3HardNtEnableThreadCreation:
3022dd4.2f8c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd27210000
3032dd4.2f8c: ntdll.dll: timestamp 0x55c59f92 (rc=VINF_SUCCESS)
3042dd4.2f8c: New simple heap: #1 0000000000520000 LB 0x400000 (for 1839104 allocation)
3052dd4.2f8c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
3062dd4.2f8c: System32: \Device\HarddiskVolume3\Windows\System32
3072dd4.2f8c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
3082dd4.2f8c: KnownDllPath: C:\WINDOWS\system32
3092dd4.2f8c: supR3HardenedVmProcessInit: Opening vboxdrv...
3102dd4.2f8c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3112dd4.2f8c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3122dd4.2f8c: Registered Dll notification callback with NTDLL.
3132dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
3142dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
3152dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
3162dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd246e0000 LB 0x001dd000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
3172dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
3182dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
3192dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24980000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0]
3202dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3212dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24980000 'C:\WINDOWS\system32\KERNEL32.DLL'
3222dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ff79dc30000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
3232dd4.2f8c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3242dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3252dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
3262dd4.2f8c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd2727fb70 pvNtTerminateThread=00007ffd272a3a20
3272964.26dc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 64 ms.
3282dd4.2f8c: \SystemRoot\System32\ntdll.dll:
3292dd4.2f8c: CreationTime: 2015-08-11T22:39:33.379985300Z
3302dd4.2f8c: LastWriteTime: 2015-08-08T07:29:58.168349600Z
3312dd4.2f8c: ChangeTime: 2015-08-12T07:01:01.158849400Z
3322dd4.2f8c: FileAttributes: 0x20
3332dd4.2f8c: Size: 0x1bce48
3342dd4.2f8c: NT Headers: 0xd8
3352dd4.2f8c: Timestamp: 0x55c59f92
3362dd4.2f8c: Machine: 0x8664 - amd64
3372dd4.2f8c: Timestamp: 0x55c59f92
3382dd4.2f8c: Image Version: 10.0
3392dd4.2f8c: SizeOfImage: 0x1c1000 (1839104)
3402dd4.2f8c: Resource Dir: 0x15a000 LB 0x65718
3412dd4.2f8c: ProductName: Microsoft® Windows® Operating System
3422dd4.2f8c: ProductVersion: 10.0.10240.16430
3432dd4.2f8c: FileVersion: 10.0.10240.16430 (th1.150807-2049)
3442dd4.2f8c: FileDescription: NT Layer DLL
3452dd4.2f8c: \SystemRoot\System32\kernel32.dll:
3462dd4.2f8c: CreationTime: 2015-07-10T10:59:59.699781600Z
3472dd4.2f8c: LastWriteTime: 2015-07-10T10:59:59.699781600Z
3482dd4.2f8c: ChangeTime: 2015-08-03T23:47:06.262647800Z
3492dd4.2f8c: FileAttributes: 0x20
3502dd4.2f8c: Size: 0xab830
3512dd4.2f8c: NT Headers: 0xf0
3522dd4.2f8c: Timestamp: 0x559f38ad
3532dd4.2f8c: Machine: 0x8664 - amd64
3542dd4.2f8c: Timestamp: 0x559f38ad
3552dd4.2f8c: Image Version: 10.0
3562dd4.2f8c: SizeOfImage: 0xad000 (708608)
3572dd4.2f8c: Resource Dir: 0xab000 LB 0x518
3582dd4.2f8c: ProductName: Microsoft® Windows® Operating System
3592dd4.2f8c: ProductVersion: 10.0.10240.16384
3602dd4.2f8c: FileVersion: 10.0.10240.16384 (th1.150709-1700)
3612dd4.2f8c: FileDescription: Windows NT BASE API Client DLL
3622dd4.2f8c: \SystemRoot\System32\KernelBase.dll:
3632dd4.2f8c: CreationTime: 2015-07-10T11:00:10.325689700Z
3642dd4.2f8c: LastWriteTime: 2015-07-10T11:00:10.325689700Z
3652dd4.2f8c: ChangeTime: 2015-08-03T23:47:06.278273600Z
3662dd4.2f8c: FileAttributes: 0x20
3672dd4.2f8c: Size: 0x1dc680
3682dd4.2f8c: NT Headers: 0x100
3692dd4.2f8c: Timestamp: 0x559f38c3
3702dd4.2f8c: Machine: 0x8664 - amd64
3712dd4.2f8c: Timestamp: 0x559f38c3
3722dd4.2f8c: Image Version: 10.0
3732dd4.2f8c: SizeOfImage: 0x1dd000 (1953792)
3742dd4.2f8c: Resource Dir: 0x1c7000 LB 0x530
3752dd4.2f8c: ProductName: Microsoft® Windows® Operating System
3762dd4.2f8c: ProductVersion: 10.0.10240.16384
3772dd4.2f8c: FileVersion: 10.0.10240.16384 (th1.150709-1700)
3782dd4.2f8c: FileDescription: Windows NT BASE API Client DLL
3792dd4.2f8c: \SystemRoot\System32\apisetschema.dll:
3802dd4.2f8c: CreationTime: 2015-07-10T11:00:04.872098600Z
3812dd4.2f8c: LastWriteTime: 2015-07-10T11:00:04.872098600Z
3822dd4.2f8c: ChangeTime: 2015-08-03T23:47:05.043835000Z
3832dd4.2f8c: FileAttributes: 0x20
3842dd4.2f8c: Size: 0x16760
3852dd4.2f8c: NT Headers: 0xc8
3862dd4.2f8c: Timestamp: 0x559f3e3d
3872dd4.2f8c: Machine: 0x8664 - amd64
3882dd4.2f8c: Timestamp: 0x559f3e3d
3892dd4.2f8c: Image Version: 10.0
3902dd4.2f8c: SizeOfImage: 0x17000 (94208)
3912dd4.2f8c: Resource Dir: 0x16000 LB 0x3f0
3922dd4.2f8c: ProductName: Microsoft® Windows® Operating System
3932dd4.2f8c: ProductVersion: 10.0.10240.16384
3942dd4.2f8c: FileVersion: 10.0.10240.16384 (th1.150709-1700)
3952dd4.2f8c: FileDescription: ApiSet Schema DLL
3962dd4.2f8c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3972dd4.2f8c: supR3HardenedWinFindAdversaries: 0x0
3982dd4.2f8c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
3992dd4.2f8c: Calling main()
4002dd4.2f8c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4012dd4.2f8c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
4022dd4.2f8c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4032dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4042dd4.2f8c: SUPR3HardenedMain: Final process, opening VBoxDrv...
4052dd4.2f8c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000520000 LB 0x400000)
4062dd4.2f8c: supR3HardNtEnableThreadCreation:
4072dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4082dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4092dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4102dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4112dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd22230000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4122dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4132dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4142dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4152dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd22230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4162dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4172dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4182dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd22230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4192dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd22230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4202dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4212dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
4222dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
4232dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
4242dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
4252dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
4262dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4272dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4282dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
4292dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4302dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4312dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4322dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4332dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'msasn1.dll'.
4342dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
4352dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4362dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4372dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4382dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
4392dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
4402dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4412dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4422dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
4432dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4442dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4452dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4462dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4482dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4492dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4502dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4512dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24c80000 LB 0x0009d000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0]
4522dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4532dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23c40000 LB 0x00011000 C:\WINDOWS\system32\MSASN1.dll [fFlags=0x0]
4542dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4552dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd243a0000 LB 0x001c1000 C:\WINDOWS\system32\CRYPT32.dll [fFlags=0x0]
4562dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4572dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd27030000 LB 0x00126000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0]
4582dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4592dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24340000 LB 0x00054000 C:\WINDOWS\system32\Wintrust.dll [fFlags=0x0]
4602dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4612dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\WINDOWS\system32\Wintrust.dll'
4622dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
4632dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
4642dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4652dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4662dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23750000 LB 0x00028000 C:\WINDOWS\system32\bcrypt.dll [fFlags=0x0]
4672dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4682dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23750000 'C:\WINDOWS\system32\bcrypt.dll'
4692dd4.2f8c: bcrypt.dll loaded at 00007ffd23750000, BCryptOpenAlgorithmProvider at 00007ffd23754a00, preloading providers:
4702dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
4712dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
4722dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4732dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4742dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23a70000 LB 0x0006b000 C:\WINDOWS\system32\bcryptprimitives.dll [fFlags=0x0]
4752dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4762dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23a70000 'C:\WINDOWS\system32\bcryptprimitives.dll'
4772dd4.2f8c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000b0a090)
4782dd4.2f8c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000b0a750)
4792dd4.2f8c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000b0aa20)
4802dd4.2f8c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000b0ad80)
4812dd4.2f8c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000b0b8a0)
4822dd4.2f8c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000b0bbb0)
4832dd4.2f8c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000b0bec0)
4842dd4.2f8c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000b0c190)
4852dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4862dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4872dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
4882dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4892dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4902dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
4912dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4922dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4932dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
4942dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4952dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4962dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
4972dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4982dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4992dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
5002dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5012dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5022dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
5032dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5042dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
5062dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
5072dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
5082dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
5092dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd234e0000 LB 0x00017000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
5102dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5112dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'bcrypt.dll'.
5122dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
5132dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
5142dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5152dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5162dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5172dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5182dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5192dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5202dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5212dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5222dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23130000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
5232dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5242dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
5252dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
5262dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
5272dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
5282dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23650000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
5292dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5302dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5312dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5322dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5332dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5342dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5352dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24980000 'C:\WINDOWS\system32\kernel32.dll'
5362dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5372dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
5382dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5392dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5402dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\CRYPT32.dll'
5412dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24d20000 LB 0x0001c000 C:\WINDOWS\system32\imagehlp.dll [fFlags=0x0]
5422dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5432dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
5442dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
5452dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5462dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5482dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5492dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5502dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
5512dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24a30000 LB 0x0005b000 C:\WINDOWS\system32\sechost.dll [fFlags=0x0]
5522dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
5532dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
5542dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
5552dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5562dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
5572dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
5582dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
5592dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd22b40000 LB 0x00023000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
5602dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
5612dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23c20000 LB 0x00013000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0]
5622dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
5632dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
5642dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5652dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
5662dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'wldap32.dll'.
5672dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
5682dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
5692dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
5702dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
5712dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5722dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\Wldap32.dll)
5732dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Wldap32.dll
5742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
5752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
5762dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5772dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5782dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5792dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5802dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5812dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5822dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5832dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5842dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5852dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5862dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5872dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5882dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5892dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5912dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5922dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5932dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5942dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24ec0000 LB 0x0005b000 C:\WINDOWS\system32\WLDAP32.dll [fFlags=0x0]
5952dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
5962dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd14240000 LB 0x0002f000 C:\WINDOWS\system32\cryptnet.dll [fFlags=0x0]
5972dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5982dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5992dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6002dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6012dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6022dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6032dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6042dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6062dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6072dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6082dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6092dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6102dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6112dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6122dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6132dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6142dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6152dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6162dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6172dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6182dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6192dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6202dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6212dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6222dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6232dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6242dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6252dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6262dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\WINDOWS\system32\cryptnet.dll'
6272dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6282dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14240000 'C:\Windows\System32\cryptnet.dll'
6292dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd27160000 LB 0x000a6000 C:\WINDOWS\system32\advapi32.dll [fFlags=0x0]
6302dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6312dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
6322dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
6332dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
6342dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
6352dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6362dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6372dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6382dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6392dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
6402dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
6412dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
6422dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6432dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6442dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6452dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6462dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
6472dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6482dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6492dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
6502dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
6512dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b550f0
6522dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
6532dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=311B4CDD9B998ED36E8EA94DCB004D809301CC36
6542dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6552dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6562dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd27030000 'C:\WINDOWS\system32\rpcrt4.dll'
6572dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6582dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6592dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6602dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6612dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6622dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6632dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6642dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6652dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6662dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6672dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6682dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6692dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6702dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6712dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\Windows\System32\WINTRUST.DLL'
6722dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6732dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6742dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
6752dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6762dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6772dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
6782dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_483_for_KB3081436~31bf3856ad364e35~amd64~~10.0.1.1.cat'; file='\SystemRoot\System32\ntdll.dll'
6792dd4.2f8c: g_pfnWinVerifyTrust=00007ffd24348890
6802dd4.2f8c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
6812dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6822dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6832dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
6842dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6852dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6862dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
6872dd4.2f8c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
6882dd4.2f8c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
6892dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6902dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6912dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
6922dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
6932dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6942dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
6952dd4.2f8c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
6962dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6972dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6982dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
6992dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7002dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
7012dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000374 pwszName=\Device\HarddiskVolume3\Windows\System32\Wldap32.dll
7022dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
7032dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
7042dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3E30C00BB3189B639214835B4F4C320DEC5BFA77
7052dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7062dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7072dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7082dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-ds-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
7092dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
7102dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
7112dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000370 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
7122dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
7132dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
7142dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5997BB270A09A76A71A9EE8A7ADB154F3D75EEF3
7152dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7162dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7172dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7182dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-ds-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
7192dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
7202dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
7212dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7222dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7232dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7242dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
7252dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7262dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7272dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7282dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
7292dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7302dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7312dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7322dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
7332dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7342dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7352dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7362dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
7372dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7382dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7392dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
7402dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7412dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7422dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
7432dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7442dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7452dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7462dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7472dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
7482dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7492dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7502dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
7512dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7522dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7532dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
7542dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7552dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7562dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
7572dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7582dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7592dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
7602dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7612dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7622dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
7632dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7642dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7652dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
7662dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7672dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
7682dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7692dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe'
7702dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7712dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7722dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
7732dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
7742dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7752dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
7762dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
7772dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x1bb0b25f118c700 CN=DAKDESKHP
7782dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xc3bcd63ebda56d21 CN=USB\MS_COMP_LIBUSBK (libwdi autogenerated)
7792dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
7802dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
7812dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x26c66a5b46bc7b50 CN=USB\MS_COMP_WINUSB (libwdi autogenerated)
7822dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
7832dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
7842dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
7852dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x808533be0de10a4a CN=USB\VID_04E8&PID_6860 (libwdi autogenerated)
7862dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
7872dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x6cbf46949c10a9aa C=US, CN=Hewlett-Packard Company CA
7882dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x6275bb37cca51775 C=US, CN=Hewlett-Packard Company CA
7892dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
7902dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x5bf2acc79c700d30 CN=USB\VID_046D&PID_081D&MI_00 (libwdi autogenerated)
7912dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
7922dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
7932dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x4896b4e8912248b6 CN=USB\VID_04E8&PID_685D (libwdi autogenerated)
7942dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
7952dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
7962dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
7972dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
7982dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
7992dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
8002dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
8012dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
8022dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
8032dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
8042dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
8052dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
8062dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
8072dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
8082dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
8092dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
8102dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
8112dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
8122dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
8132dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
8142dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
8152dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
8162dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
8172dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
8182dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
8192dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
8202dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
8212dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
8222dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
8232dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
8242dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
8252dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
8262dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
8272dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
8282dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
8292dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
8302dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
8312dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
8322dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
8332dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
8342dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
8352dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
8362dd4.2f8c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
8372dd4.2f8c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=60
8382dd4.2f8c: SUPR3HardenedMain: Load Runtime...
8392dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
8402dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8412dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
8422dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
8432dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8442dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
8452dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8462dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8482dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
8492dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
8502dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
8512dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
8522dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
8532dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'.
8542dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
8552dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
8562dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
8572dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8582dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8592dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8602dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8612dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
8622dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
8632dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
8642dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\nsi.dll'.
8652dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
8662dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
8672dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
8682dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8692dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
8702dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8712dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8722dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8732dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8752dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8762dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
8772dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
8782dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
8792dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
8802dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
8812dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8822dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8832dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8842dd4.2f8c: supR3HardenedDllNotificationCallback: load 0000000057660000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
8852dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8862dd4.2f8c: supR3HardenedDllNotificationCallback: load 00000000575c0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
8872dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8882dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd248c0000 LB 0x00008000 C:\WINDOWS\system32\NSI.dll [fFlags=0x0]
8892dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
8902dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd267f0000 LB 0x00069000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0]
8912dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
8922dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffcf3750000 LB 0x00543000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
8932dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8942dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8952dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
8962dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\nsi.dll'.
8972dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rescheduled]
8982dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8992dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9002dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9012dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9022dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9032dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9042dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9062dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9072dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9082dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9092dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9102dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9112dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9122dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9132dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9142dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9152dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9162dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9172dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9182dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9192dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9202dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9212dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9222dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9232dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9242dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9252dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9262dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9272dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9282dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9292dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9302dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9312dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9322dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9332dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9342dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9352dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9362dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9372dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9382dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9392dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9402dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9412dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9422dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9432dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9442dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9452dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9462dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3750000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9472dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24340000 'C:\WINDOWS\system32\Wintrust.dll'
9482dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
9492dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
9502dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
9512dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9522dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
9532dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
9542dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
9552dd4.2f8c: SUPR3HardenedMain: Load TrustedMain...
9562dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
9572dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
9582dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
9592dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
9602dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
9612dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
9622dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
9632dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
9642dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
9652dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
9662dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
9672dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
9682dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
9692dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
9702dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
9712dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
9722dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
9732dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
9742dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
9752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
9762dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
9772dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
9782dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
9792dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
9802dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
9812dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
9822dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
9832dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
9842dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
9852dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
9862dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000048c pwszName=\Device\HarddiskVolume3\Windows\System32\comdlg32.dll
9872dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
9882dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
9892dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=857477BEC0F0F69A9C4898B3680E207E94733C3F
9902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9912dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9922dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
9932dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
9942dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
9952dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
9962dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9972dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9982dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
9992dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
10002dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
10012dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
10022dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10032dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
10042dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
10052dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
10062dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
10072dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
10082dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\devobj.dll'.
10092dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10102dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
10112dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
10122dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
10132dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10142dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10152dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10162dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10172dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
10182dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
10192dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
10202dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
10212dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10222dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10232dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10242dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
10252dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
10262dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
10272dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
10282dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
10292dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10302dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10312dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
10322dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
10332dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10342dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
10352dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_207_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
10362dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10372dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10382dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'.
10392dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'.
10402dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
10412dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'.
10422dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'.
10432dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll) WinVerifyTrust
10442dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
10452dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
10462dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
10472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10482dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10492dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
10502dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10512dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'user32.dll'.
10522dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'gdi32.dll'.
10532dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
10542dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
10552dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
10562dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
10572dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
10582dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
10592dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
10602dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
10612dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
10622dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
10632dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10642dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10652dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10662dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
10672dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
10682dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
10692dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10702dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'.
10712dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
10722dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
10732dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
10742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10762dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10772dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10782dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10792dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10802dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10812dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10822dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10832dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10842dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10852dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10862dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10872dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10882dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10892dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10912dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10922dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10932dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10942dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10952dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
10962dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10972dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10982dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10992dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11002dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11012dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
11022dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11032dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11042dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
11062dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11072dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
11082dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
11092dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
11102dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
11112dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
11122dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
11132dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11142dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11152dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
11162dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
11172dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
11182dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
11192dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11202dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
11212dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
11222dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
11232dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11242dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11252dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11262dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11272dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11282dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11292dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11302dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
11312dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
11322dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
11332dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
11342dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
11352dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
11362dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
11372dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
11382dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
11392dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
11402dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [redoing WinVerifyTrust]
11412dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
11422dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
11432dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
11442dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11452dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11462dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
11472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11482dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11492dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11502dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11512dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11522dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11532dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11542dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
11552dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11562dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
11572dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
11582dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11592dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11602dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
11612dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11622dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11632dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
11642dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11652dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
11662dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
11672dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11682dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11692dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
11702dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11712dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
11722dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
11732dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
11742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
11752dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
11762dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11772dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11782dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11792dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
11802dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
11812dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
11822dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
11832dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
11842dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
11852dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
11862dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11872dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11882dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11892dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
11902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
11912dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
11922dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
11932dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
11942dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
11952dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
11962dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11972dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11982dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
11992dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
12002dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
12012dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
12022dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
12032dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
12042dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
12052dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
12062dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
12072dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
12082dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
12092dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
12102dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
12112dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
12122dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
12132dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
12142dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
12152dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
12162dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
12172dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
12182dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12192dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12202dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
12212dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12222dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12232dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
12242dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
12252dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
12262dd4.2f8c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
12272dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12282dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
12292dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
12302dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
12312dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
12322dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
12332dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
12342dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
12352dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12362dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12372dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
12382dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
12392dd4.2f8c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'.
12402dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12412dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'.
12422dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'gdi32.dll'.
12432dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'dciman32.dll'.
12442dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll)
12452dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll
12462dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
12472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
12482dd4.2f8c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
12492dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12502dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
12512dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
12522dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
12532dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
12542dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12552dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12562dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
12572dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12582dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12592dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12602dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12612dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12622dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12632dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12642dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12652dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12662dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12672dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
12682dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
12692dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
12702dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
12712dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12722dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12732dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
12742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12762dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12772dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12782dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12792dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12802dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12812dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
12822dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
12832dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
12842dd4.2f8c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\winspool.drv'.
12852dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12862dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'.
12872dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)
12882dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
12892dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
12902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
12912dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
12922dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
12932dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
12942dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
12952dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
12962dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'msctf.dll'.
12972dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
12982dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
12992dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13002dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13012dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
13022dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
13032dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
13042dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
13052dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13062dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13072dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13082dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13092dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13102dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13112dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13122dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
13132dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13142dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13152dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
13162dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13172dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13182dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
13192dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13202dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13212dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
13222dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13232dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13242dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
13252dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
13262dd4.2f8c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msctf.dll'.
13272dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13282dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
13292dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
13302dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'.
13312dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
13322dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
13332dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13342dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13352dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
13362dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
13372dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
13382dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13392dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13402dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13412dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13422dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13432dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13442dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
13452dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13462dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13472dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
13482dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
13492dd4.2f8c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'.
13502dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13512dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
13522dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
13532dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll)
13542dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll
13552dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13562dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13572dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13582dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13592dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13602dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13612dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13622dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13632dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13642dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13652dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13662dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13672dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
13682dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
13692dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
13702dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13712dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13722dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13732dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13742dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
13752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13762dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13772dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
13782dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
13792dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
13802dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
13812dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll) WinVerifyTrust
13822dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
13832dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
13842dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
13852dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
13862dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13872dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13882dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13892dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13912dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
13922dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13932dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13942dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
13952dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
13962dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
13972dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13982dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13992dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
14002dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
14012dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
14022dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14032dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14042dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
14052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
14062dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
14072dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14082dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14092dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14102dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
14112dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
14122dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14132dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14142dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
14152dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
14162dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
14172dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
14182dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5F0CC8DA0E67C8C01864C0783FA867C4BDCE0AAA
14192dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
14202dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
14212dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
14222dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14232dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
14242dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
14252dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
14262dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
14272dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14282dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
14292dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
14302dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
14312dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
14322dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14332dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
14342dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll)
14352dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll
14362dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
14372dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
14382dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
14392dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
14402dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
14412dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14422dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
14432dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd26ee0000 LB 0x0014e000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0]
14442dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24a90000 LB 0x00186000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0]
14452dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd22220000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
14462dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14472dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffcf3650000 LB 0x000f6000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0]
14482dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
14492dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd1bc30000 LB 0x0002e000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
14502dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
14512dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffcf4490000 LB 0x00128000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
14522dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
14532dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd26bb0000 LB 0x0027c000 C:\WINDOWS\system32\combase.dll [fFlags=0x0]
14542dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
14552dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd264d0000 LB 0x00141000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0]
14562dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
14572dd4.2f8c: supR3HardenedDllNotificationCallback: load 0000000054f00000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
14582dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14592dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24620000 LB 0x000b3000 C:\WINDOWS\system32\shcore.dll [fFlags=0x0]
14602dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14612dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'combase.dll'.
14622dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
14632dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
14642dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd248d0000 LB 0x00051000 C:\WINDOWS\system32\shlwapi.dll [fFlags=0x0]
14652dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
14662dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd1d6a0000 LB 0x000aa000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\COMCTL32.dll [fFlags=0x0]
14672dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [avoiding WinVerifyTrust]
14682dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23c60000 LB 0x0000f000 C:\WINDOWS\system32\kernel.appcore.dll [fFlags=0x0]
14692dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'.
14702dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
14712dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
14722dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
14732dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23c70000 LB 0x0004a000 C:\WINDOWS\system32\powrprof.dll [fFlags=0x0]
14742dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14752dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
14762dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
14772dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
14782dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23d10000 LB 0x00629000 C:\WINDOWS\system32\windows.storage.dll [fFlags=0x0]
14792dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14802dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
14812dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
14822dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'profapi.dll'.
14832dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
14842dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
14852dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24fa0000 LB 0x01522000 C:\WINDOWS\system32\SHELL32.dll [fFlags=0x0]
14862dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
14872dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd26ad0000 LB 0x000d7000 C:\WINDOWS\system32\COMDLG32.dll [fFlags=0x0]
14882dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
14892dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd26a10000 LB 0x000be000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0]
14902dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
14912dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24d60000 LB 0x0015c000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0]
14922dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [avoiding WinVerifyTrust]
14932dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd24940000 LB 0x00036000 C:\WINDOWS\system32\IMM32.dll [fFlags=0x0]
14942dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
14952dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23cc0000 LB 0x00044000 C:\WINDOWS\system32\cfgmgr32.dll [fFlags=0x0]
14962dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
14972dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd22590000 LB 0x00027000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
14982dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
14992dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd21040000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
15002dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
15012dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd210d0000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
15022dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
15032dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd220e0000 LB 0x00084000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
15042dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
15052dd4.2f8c: supR3HardenedDllNotificationCallback: load 00000000543a0000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
15062dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
15072dd4.2f8c: supR3HardenedDllNotificationCallback: load 0000000054df0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
15082dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
15092dd4.2f8c: supR3HardenedDllNotificationCallback: load 0000000054d10000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
15102dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
15112dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffcf20c0000 LB 0x00ab1000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
15122dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
15132dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
15142dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
15152dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
15162dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
15172dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
15182dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
15192dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
15202dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
15212dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'.
15222dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [rescheduled]
15232dd4.2f8c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'.
15242dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rescheduled]
15252dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msctf.dll'.
15262dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rescheduled]
15272dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
15282dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
15292dd4.2f8c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\winspool.drv'.
15302dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rescheduled]
15312dd4.2f8c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
15322dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
15332dd4.2f8c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'.
15342dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rescheduled]
15352dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15362dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
15372dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
15382dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
15392dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
15402dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rescheduled]
15412dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
15422dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
15432dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\devobj.dll'.
15442dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rescheduled]
15452dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
15462dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
15472dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust]
15482dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
15492dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll
15502dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
15512dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
15522dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
15532dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15542dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15552dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
15562dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15572dd4.2f8c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
15582dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15592dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15602dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15612dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15622dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15632dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15642dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15652dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15662dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15672dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15682dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15692dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15702dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15712dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15722dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
15732dd4.2f8c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15742dd4.2f8c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
15752dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15762dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15772dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15782dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15792dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15802dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15812dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15822dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15832dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
15842dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15852dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24940000 'C:\WINDOWS\system32\imm32.dll'
15862dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf20c0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
15872dd4.2f8c: SUPR3HardenedMain: Calling TrustedMain (00007ffcf20c1770)...
15882dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
15892dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15902dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd210d0000 'C:\WINDOWS\system32\winmm.dll'
15912dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000634 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
15922dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
15932dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
15942dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3717D376EF95470D8C03AD02F97C4DCBCE269CF8
15952dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
15962dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
15972dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_205_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
15982dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15992dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16002dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
16012dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
16022dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
16032dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16042dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16052dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16062dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16072dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16082dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16092dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16102dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
16112dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16122dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd224f0000 LB 0x00096000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
16132dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16142dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd224f0000 'C:\WINDOWS\system32\uxtheme.dll'
16152dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16162dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
16172dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'.
16182dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
16192dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
16202dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd21010000 LB 0x00022000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
16212dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
16222dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000065c pwszName=\Device\HarddiskVolume3\Windows\System32\dwmapi.dll
16232dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b550f0
16242dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b550f0
16252dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=71451274041047D99462EA805D3FAD1A9E10F86D
16262dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16272dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16282dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
16292dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16302dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16312dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16322dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16332dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
16342dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
16352dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
16362dd4.2f8c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16372dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
16382dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
16392dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16402dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
16412dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16422dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16432dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24980000 'C:\WINDOWS\system32\kernel32.dll'
16442dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16452dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16462dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd224f0000 'C:\WINDOWS\system32\uxtheme.dll'
16472dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16482dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16492dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd224f0000 'C:\WINDOWS\system32\uxtheme.dll'
16502dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
16512dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16522dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
16532dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26ee0000 'C:\WINDOWS\system32\user32.dll'
16542dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16552dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16562dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd224f0000 'C:\WINDOWS\system32\uxtheme.dll'
16572dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26ee0000 'C:\WINDOWS\system32\user32.dll'
16582dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
16592dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16602dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd27160000 'C:\WINDOWS\system32\advapi32.dll'
16612dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
16622dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
16632dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16642dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
16652dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
16662dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
16672dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
16682dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
16692dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
16702dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
16712dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16722dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16732dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16742dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16752dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16762dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
16772dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd23220000 LB 0x0001f000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
16782dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
16792dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23220000 'C:\WINDOWS\system32\userenv.dll'
16802dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16812dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16822dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24980000 'C:\WINDOWS\system32\kernel32.dll'
16832dd4.2f8c: supR3HardenedDllNotificationCallback: load 00007ffd26e30000 LB 0x000a5000 C:\WINDOWS\system32\clbcatq.dll [fFlags=0x0]
16842dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16852dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
16862dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
16872dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
16882dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16892dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16902dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16912dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16922dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
16932dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
16942dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
16952dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
16962dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
16972dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
16982dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
16992dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
17002dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
17012dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
17022dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
17032dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
17042dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
17052dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
17062dd4.2a5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
17072dd4.2a5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17082dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17092dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17102dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17112dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17122dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17132dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
17142dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17152dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17162dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
17172dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
17182dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
17192dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
17202dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
17212dd4.2a5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17222dd4.2a5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll) WinVerifyTrust
17232dd4.2a5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
17242dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17252dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17262dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
17272dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17282dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17292dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
17302dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
17312dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17322dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17332dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
17342dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
17352dd4.2a5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
17362dd4.2a5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
17372dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17382dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17392dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
17402dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17412dd4.2a5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17422dd4.2a5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17432dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17442dd4.2a5c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17452dd4.2a5c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
17462dd4.2a5c: supR3HardenedDllNotificationCallback: load 00007ffd24f90000 LB 0x00008000 C:\WINDOWS\system32\PSAPI.DLL [fFlags=0x0]
17472dd4.2a5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
17482dd4.2a5c: supR3HardenedDllNotificationCallback: load 00007ffd209c0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0]
17492dd4.2a5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
17502dd4.2a5c: supR3HardenedDllNotificationCallback: load 00007ffcf3070000 LB 0x005d6000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
17512dd4.2a5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17522dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf3070000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
17532dd4.2a5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17542dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17552dd4.2a5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26a10000 'C:\Windows\System32\oleaut32.dll'
17562dd4.2a5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sxs.dll)
17572dd4.2a5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sxs.dll
17582dd4.2a5c: supR3HardenedDllNotificationCallback: load 00007ffd23ae0000 LB 0x00098000 C:\WINDOWS\SYSTEM32\sxs.dll [fFlags=0x0]
17592dd4.2a5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sxs.dll [avoiding WinVerifyTrust]
17602dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
17612dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
17622dd4.2f8c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sxs.dll'
17632dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17642dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17652dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26a10000 'C:\WINDOWS\system32\OLEAUT32.dll'
17662dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
17672dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17682dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
17692dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24a90000 'C:\WINDOWS\system32\gdi32.dll'
17702dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
17712dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17722dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17732dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
17742dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17752dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17762dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
17772dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17782dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17792dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
17802dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17812dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17822dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17832dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd24fa0000 'C:\WINDOWS\system32\shell32.dll'
17842dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26ee0000 'C:\WINDOWS\system32\user32.dll'
17852dd4.2f8c: \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll: Owner is administrators group.
17862dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
17872dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
17882dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
17892dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shell32.dll'.
17902dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'comctl32.dll'.
17912dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'uxtheme.dll'.
17922dd4.2f8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
17932dd4.2f8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll) WinVerifyTrust
17942dd4.2f8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll
17952dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
17962dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
17972dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
17982dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
17992dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
18002dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
18012dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
18022dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
18032dd4.2f8c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comctl32.dll [redoing WinVerifyTrust]
18042dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
18052dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
18062dd4.2f8c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
18072dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18082dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18092dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18102dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18112dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18122dd4.2f8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18132dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
18142dd4.2f8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll
18152dd4.2f8c: supR3HardenedDllNotificationCallback: load 0000000180000000 LB 0x0003b000 C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll [fFlags=0x0]
18162dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll
18172dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd26ee0000 'C:\WINDOWS\system32\User32.dll'
18182dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_C81D6947-64C4-4F85-89B1-2B2AF7639F08.dll'
18192dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: 'C:\WINDOWS\system32\comctl32.dll' -> 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [redir]
18202dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [redoing WinVerifyTrust]
18212dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23130000 'C:\WINDOWS\system32\rsaenh.dll'
18222dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd243a0000 'C:\WINDOWS\system32\crypt32.dll'
18232dd4.2f8c: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'
18242dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll (Input=C:\WINDOWS\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18252dd4.2f8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1d6a0000 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'
18262dd4.2f8c: Terminating the normal way: rcExit=1
18272964.26dc: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 4704 ms, the end);
18282a1c.2e38: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 5069 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy