VirtualBox

Ticket #14562: VBoxStartup.log

File VBoxStartup.log, 248.1 KB (added by Leonardo Lira, 9 years ago)

After the blue screen, start VirtualBox and force a virtual machine to boot

Line 
112e4.1a54: Log file opened: 4.3.30r101610 g_hStartupLog=0000000000000058 g_uNtVerCombined=0xa0280000
212e4.1a54: \SystemRoot\System32\ntdll.dll:
312e4.1a54: CreationTime: 2015-08-15T19:11:20.266601700Z
412e4.1a54: LastWriteTime: 2015-08-08T07:29:58.168349600Z
512e4.1a54: ChangeTime: 2015-08-20T22:36:23.360469800Z
612e4.1a54: FileAttributes: 0x20
712e4.1a54: Size: 0x1bce48
812e4.1a54: NT Headers: 0xd8
912e4.1a54: Timestamp: 0x55c59f92
1012e4.1a54: Machine: 0x8664 - amd64
1112e4.1a54: Timestamp: 0x55c59f92
1212e4.1a54: Image Version: 10.0
1312e4.1a54: SizeOfImage: 0x1c1000 (1839104)
1412e4.1a54: Resource Dir: 0x15a000 LB 0x65718
1512e4.1a54: ProductName: Microsoft® Windows® Operating System
1612e4.1a54: ProductVersion: 10.0.10240.16430
1712e4.1a54: FileVersion: 10.0.10240.16430 (th1.150807-2049)
1812e4.1a54: FileDescription: NT Layer DLL
1912e4.1a54: \SystemRoot\System32\kernel32.dll:
2012e4.1a54: CreationTime: 2015-07-10T10:59:59.699781600Z
2112e4.1a54: LastWriteTime: 2015-07-10T10:59:59.699781600Z
2212e4.1a54: ChangeTime: 2015-08-03T15:58:18.563437600Z
2312e4.1a54: FileAttributes: 0x20
2412e4.1a54: Size: 0xab830
2512e4.1a54: NT Headers: 0xf0
2612e4.1a54: Timestamp: 0x559f38ad
2712e4.1a54: Machine: 0x8664 - amd64
2812e4.1a54: Timestamp: 0x559f38ad
2912e4.1a54: Image Version: 10.0
3012e4.1a54: SizeOfImage: 0xad000 (708608)
3112e4.1a54: Resource Dir: 0xab000 LB 0x518
3212e4.1a54: ProductName: Microsoft® Windows® Operating System
3312e4.1a54: ProductVersion: 10.0.10240.16384
3412e4.1a54: FileVersion: 10.0.10240.16384 (th1.150709-1700)
3512e4.1a54: FileDescription: Windows NT BASE API Client DLL
3612e4.1a54: \SystemRoot\System32\KernelBase.dll:
3712e4.1a54: CreationTime: 2015-07-10T11:00:10.325689700Z
3812e4.1a54: LastWriteTime: 2015-07-10T11:00:10.325689700Z
3912e4.1a54: ChangeTime: 2015-08-03T15:58:18.579063600Z
4012e4.1a54: FileAttributes: 0x20
4112e4.1a54: Size: 0x1dc680
4212e4.1a54: NT Headers: 0x100
4312e4.1a54: Timestamp: 0x559f38c3
4412e4.1a54: Machine: 0x8664 - amd64
4512e4.1a54: Timestamp: 0x559f38c3
4612e4.1a54: Image Version: 10.0
4712e4.1a54: SizeOfImage: 0x1dd000 (1953792)
4812e4.1a54: Resource Dir: 0x1c7000 LB 0x530
4912e4.1a54: ProductName: Microsoft® Windows® Operating System
5012e4.1a54: ProductVersion: 10.0.10240.16384
5112e4.1a54: FileVersion: 10.0.10240.16384 (th1.150709-1700)
5212e4.1a54: FileDescription: Windows NT BASE API Client DLL
5312e4.1a54: \SystemRoot\System32\apisetschema.dll:
5412e4.1a54: CreationTime: 2015-07-10T11:00:04.872098600Z
5512e4.1a54: LastWriteTime: 2015-07-10T11:00:04.872098600Z
5612e4.1a54: ChangeTime: 2015-08-03T15:58:17.422754700Z
5712e4.1a54: FileAttributes: 0x20
5812e4.1a54: Size: 0x16760
5912e4.1a54: NT Headers: 0xc8
6012e4.1a54: Timestamp: 0x559f3e3d
6112e4.1a54: Machine: 0x8664 - amd64
6212e4.1a54: Timestamp: 0x559f3e3d
6312e4.1a54: Image Version: 10.0
6412e4.1a54: SizeOfImage: 0x17000 (94208)
6512e4.1a54: Resource Dir: 0x16000 LB 0x3f0
6612e4.1a54: ProductName: Microsoft® Windows® Operating System
6712e4.1a54: ProductVersion: 10.0.10240.16384
6812e4.1a54: FileVersion: 10.0.10240.16384 (th1.150709-1700)
6912e4.1a54: FileDescription: ApiSet Schema DLL
7012e4.1a54: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7112e4.1a54: supR3HardenedWinFindAdversaries: 0x100
7212e4.1a54: \SystemRoot\System32\drivers\avgidsdrivera.sys:
7312e4.1a54: CreationTime: 2015-06-26T12:49:10.000000000Z
7412e4.1a54: LastWriteTime: 2015-06-26T12:49:10.000000000Z
7512e4.1a54: ChangeTime: 2015-08-04T11:56:29.400943100Z
7612e4.1a54: FileAttributes: 0x80
7712e4.1a54: Size: 0x479b0
7812e4.1a54: NT Headers: 0xe8
7912e4.1a54: Timestamp: 0x558d03f3
8012e4.1a54: Machine: 0x8664 - amd64
8112e4.1a54: Timestamp: 0x558d03f3
8212e4.1a54: Image Version: 6.2
8312e4.1a54: SizeOfImage: 0x4d000 (315392)
8412e4.1a54: Resource Dir: 0x4b000 LB 0x554
8512e4.1a54: ProductName: AVG Internet Security
8612e4.1a54: ProductVersion: 15.0.0.6079
8712e4.1a54: FileVersion: 15.0.0.6079
8812e4.1a54: SpecialBuild: AvCompile_2015_0626_094201(6079), SVNRev 87306f2d1d04b7b02d0c8ae6ba45aa5e0a31a3dd (release/SmallUpdate2015-06_release), av
8912e4.1a54: PrivateBuild: x64 Release_Unicode_DRIVER
9012e4.1a54: FileDescription: AVG IDS Application Activity Monitor Driver.
9112e4.1a54: Calling main()
9212e4.1a54: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
9312e4.1a54: SUPR3HardenedMain: Respawn #1
9412e4.1a54: System32: \Device\HarddiskVolume4\Windows\System32
9512e4.1a54: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
9612e4.1a54: KnownDllPath: C:\WINDOWS\system32
9712e4.1a54: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
9812e4.1a54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
9912e4.1a54: supR3HardNtEnableThreadCreation:
10012e4.1a54: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd1d51fb70 pvNtTerminateThread=00007ffd1d543a20
10112e4.1a54: supR3HardenedWinDoReSpawn(1): New child d70.14c8 [kernel32].
10212e4.1a54: supR3HardNtChildGatherData: PebBaseAddress=00007ff71e82c000 cbPeb=0x388
10312e4.1a54: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd1d4b0000 uNtDllChildAddr=00007ffd1d4b0000
10412e4.1a54: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd1d51fb70
10512e4.1a54: supR3HardenedWinSetupChildInit: Start child.
10612e4.1a54: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
10712e4.1a54: supR3HardNtChildPurify: Startup delay kludge #1/0: 525 ms, 42 sleeps
10812e4.1a54: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
10912e4.1a54: *0000000000000000-ffffffffffbdffff 0x0001/0x0000 0x0000000
11012e4.1a54: *0000000000420000-00000000003fffff 0x0004/0x0004 0x0020000
11112e4.1a54: *0000000000440000-000000000042bfff 0x0002/0x0002 0x0040000
11212e4.1a54: 0000000000454000-0000000000447fff 0x0001/0x0000 0x0000000
11312e4.1a54: *0000000000460000-0000000000363fff 0x0000/0x0004 0x0020000
11412e4.1a54: 000000000055c000-0000000000558fff 0x0104/0x0004 0x0020000
11512e4.1a54: 000000000055f000-000000000055dfff 0x0004/0x0004 0x0020000
11612e4.1a54: *0000000000560000-000000000055bfff 0x0002/0x0002 0x0040000
11712e4.1a54: 0000000000564000-0000000000557fff 0x0001/0x0000 0x0000000
11812e4.1a54: *0000000000570000-000000000056dfff 0x0004/0x0004 0x0020000
11912e4.1a54: 0000000000572000-ffffffff80b03fff 0x0001/0x0000 0x0000000
12012e4.1a54: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
12112e4.1a54: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
12212e4.1a54: 000000007fff0000-ffff8009e17dffff 0x0001/0x0000 0x0000000
12312e4.1a54: *00007ff71e800000-00007ff71e7dcfff 0x0002/0x0002 0x0040000
12412e4.1a54: 00007ff71e823000-00007ff71e819fff 0x0001/0x0000 0x0000000
12512e4.1a54: *00007ff71e82c000-00007ff71e82afff 0x0004/0x0004 0x0020000
12612e4.1a54: 00007ff71e82d000-00007ff71e82bfff 0x0001/0x0000 0x0000000
12712e4.1a54: *00007ff71e82e000-00007ff71e82bfff 0x0004/0x0004 0x0020000
12812e4.1a54: *00007ff71e830000-00007ff71e830fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12912e4.1a54: 00007ff71e831000-00007ff71e8b5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13012e4.1a54: 00007ff71e8b6000-00007ff71e8b6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13112e4.1a54: 00007ff71e8b7000-00007ff71e8f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13212e4.1a54: 00007ff71e8f5000-00007ff71e8f5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13312e4.1a54: 00007ff71e8f6000-00007ff71e8f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13412e4.1a54: 00007ff71e8f7000-00007ff71e8f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13512e4.1a54: 00007ff71e8f9000-00007ff71e8f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13612e4.1a54: 00007ff71e8fa000-00007ff71e8fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13712e4.1a54: 00007ff71e8fb000-00007ff71e8fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13812e4.1a54: 00007ff71e8ff000-00007ff71e937fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13912e4.1a54: 00007ff71e938000-00007ff11fdbffff 0x0001/0x0000 0x0000000
14012e4.1a54: *00007ffd1d4b0000-00007ffd1d4b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14112e4.1a54: 00007ffd1d4b1000-00007ffd1d5acfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14212e4.1a54: 00007ffd1d5ad000-00007ffd1d5eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14312e4.1a54: 00007ffd1d5ef000-00007ffd1d5f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14412e4.1a54: 00007ffd1d5f8000-00007ffd1d605fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14512e4.1a54: 00007ffd1d606000-00007ffd1d606fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14612e4.1a54: 00007ffd1d607000-00007ffd1d609fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14712e4.1a54: 00007ffd1d60a000-00007ffd1d670fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14812e4.1a54: 00007ffd1d671000-00007ffa3ad01fff 0x0001/0x0000 0x0000000
14912e4.1a54: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
15012e4.1a54: VirtualBox.exe: timestamp 0x559faaf3 (rc=VINF_SUCCESS)
15112e4.1a54: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15212e4.1a54: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
15312e4.1a54: supR3HardNtChildPurify: Done after 650 ms and 0 fixes (loop #0).
15412e4.1a54: supR3HardNtEnableThreadCreation:
155d70.14c8: Log file opened: 4.3.30r101610 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000
156d70.14c8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd1d4b0000
157d70.14c8: ntdll.dll: timestamp 0x55c59f92 (rc=VINF_SUCCESS)
158d70.14c8: New simple heap: #1 0000000000680000 LB 0x400000 (for 1839104 allocation)
159d70.14c8: System32: \Device\HarddiskVolume4\Windows\System32
160d70.14c8: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
161d70.14c8: KnownDllPath: C:\WINDOWS\system32
162d70.14c8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
163d70.14c8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
164d70.14c8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
165d70.14c8: Registered Dll notification callback with NTDLL.
166d70.14c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
167d70.14c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
168d70.14c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
169d70.14c8: supR3HardenedDllNotificationCallback: load 00007ffd1a9a0000 LB 0x001dd000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
170d70.14c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
171d70.14c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
172d70.14c8: supR3HardenedDllNotificationCallback: load 00007ffd1ad40000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0]
173d70.14c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
174d70.14c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ad40000 'C:\WINDOWS\system32\KERNEL32.DLL'
175d70.14c8: supR3HardenedDllNotificationCallback: load 00007ff71e830000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
176d70.14c8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
177d70.14c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
178d70.14c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
179d70.14c8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd1d51fb70 pvNtTerminateThread=00007ffd1d543a20
18012e4.1a54: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 250 ms.
181d70.14c8: \SystemRoot\System32\ntdll.dll:
182d70.14c8: CreationTime: 2015-08-15T19:11:20.266601700Z
183d70.14c8: LastWriteTime: 2015-08-08T07:29:58.168349600Z
184d70.14c8: ChangeTime: 2015-08-20T22:36:23.360469800Z
185d70.14c8: FileAttributes: 0x20
186d70.14c8: Size: 0x1bce48
187d70.14c8: NT Headers: 0xd8
188d70.14c8: Timestamp: 0x55c59f92
189d70.14c8: Machine: 0x8664 - amd64
190d70.14c8: Timestamp: 0x55c59f92
191d70.14c8: Image Version: 10.0
192d70.14c8: SizeOfImage: 0x1c1000 (1839104)
193d70.14c8: Resource Dir: 0x15a000 LB 0x65718
194d70.14c8: ProductName: Microsoft® Windows® Operating System
195d70.14c8: ProductVersion: 10.0.10240.16430
196d70.14c8: FileVersion: 10.0.10240.16430 (th1.150807-2049)
197d70.14c8: FileDescription: NT Layer DLL
198d70.14c8: \SystemRoot\System32\kernel32.dll:
199d70.14c8: CreationTime: 2015-07-10T10:59:59.699781600Z
200d70.14c8: LastWriteTime: 2015-07-10T10:59:59.699781600Z
201d70.14c8: ChangeTime: 2015-08-03T15:58:18.563437600Z
202d70.14c8: FileAttributes: 0x20
203d70.14c8: Size: 0xab830
204d70.14c8: NT Headers: 0xf0
205d70.14c8: Timestamp: 0x559f38ad
206d70.14c8: Machine: 0x8664 - amd64
207d70.14c8: Timestamp: 0x559f38ad
208d70.14c8: Image Version: 10.0
209d70.14c8: SizeOfImage: 0xad000 (708608)
210d70.14c8: Resource Dir: 0xab000 LB 0x518
211d70.14c8: ProductName: Microsoft® Windows® Operating System
212d70.14c8: ProductVersion: 10.0.10240.16384
213d70.14c8: FileVersion: 10.0.10240.16384 (th1.150709-1700)
214d70.14c8: FileDescription: Windows NT BASE API Client DLL
215d70.14c8: \SystemRoot\System32\KernelBase.dll:
216d70.14c8: CreationTime: 2015-07-10T11:00:10.325689700Z
217d70.14c8: LastWriteTime: 2015-07-10T11:00:10.325689700Z
218d70.14c8: ChangeTime: 2015-08-03T15:58:18.579063600Z
219d70.14c8: FileAttributes: 0x20
220d70.14c8: Size: 0x1dc680
221d70.14c8: NT Headers: 0x100
222d70.14c8: Timestamp: 0x559f38c3
223d70.14c8: Machine: 0x8664 - amd64
224d70.14c8: Timestamp: 0x559f38c3
225d70.14c8: Image Version: 10.0
226d70.14c8: SizeOfImage: 0x1dd000 (1953792)
227d70.14c8: Resource Dir: 0x1c7000 LB 0x530
228d70.14c8: ProductName: Microsoft® Windows® Operating System
229d70.14c8: ProductVersion: 10.0.10240.16384
230d70.14c8: FileVersion: 10.0.10240.16384 (th1.150709-1700)
231d70.14c8: FileDescription: Windows NT BASE API Client DLL
232d70.14c8: \SystemRoot\System32\apisetschema.dll:
233d70.14c8: CreationTime: 2015-07-10T11:00:04.872098600Z
234d70.14c8: LastWriteTime: 2015-07-10T11:00:04.872098600Z
235d70.14c8: ChangeTime: 2015-08-03T15:58:17.422754700Z
236d70.14c8: FileAttributes: 0x20
237d70.14c8: Size: 0x16760
238d70.14c8: NT Headers: 0xc8
239d70.14c8: Timestamp: 0x559f3e3d
240d70.14c8: Machine: 0x8664 - amd64
241d70.14c8: Timestamp: 0x559f3e3d
242d70.14c8: Image Version: 10.0
243d70.14c8: SizeOfImage: 0x17000 (94208)
244d70.14c8: Resource Dir: 0x16000 LB 0x3f0
245d70.14c8: ProductName: Microsoft® Windows® Operating System
246d70.14c8: ProductVersion: 10.0.10240.16384
247d70.14c8: FileVersion: 10.0.10240.16384 (th1.150709-1700)
248d70.14c8: FileDescription: ApiSet Schema DLL
249d70.14c8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
250d70.14c8: supR3HardenedWinFindAdversaries: 0x100
251d70.14c8: \SystemRoot\System32\drivers\avgidsdrivera.sys:
252d70.14c8: CreationTime: 2015-06-26T12:49:10.000000000Z
253d70.14c8: LastWriteTime: 2015-06-26T12:49:10.000000000Z
254d70.14c8: ChangeTime: 2015-08-04T11:56:29.400943100Z
255d70.14c8: FileAttributes: 0x80
256d70.14c8: Size: 0x479b0
257d70.14c8: NT Headers: 0xe8
258d70.14c8: Timestamp: 0x558d03f3
259d70.14c8: Machine: 0x8664 - amd64
260d70.14c8: Timestamp: 0x558d03f3
261d70.14c8: Image Version: 6.2
262d70.14c8: SizeOfImage: 0x4d000 (315392)
263d70.14c8: Resource Dir: 0x4b000 LB 0x554
264d70.14c8: ProductName: AVG Internet Security
265d70.14c8: ProductVersion: 15.0.0.6079
266d70.14c8: FileVersion: 15.0.0.6079
267d70.14c8: SpecialBuild: AvCompile_2015_0626_094201(6079), SVNRev 87306f2d1d04b7b02d0c8ae6ba45aa5e0a31a3dd (release/SmallUpdate2015-06_release), av
268d70.14c8: PrivateBuild: x64 Release_Unicode_DRIVER
269d70.14c8: FileDescription: AVG IDS Application Activity Monitor Driver.
270d70.14c8: Calling main()
271d70.14c8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
272d70.14c8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
273d70.14c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
274d70.14c8: SUPR3HardenedMain: Respawn #2
275d70.14c8: supR3HardNtEnableThreadCreation:
276d70.14c8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd1d51fb70 pvNtTerminateThread=00007ffd1d543a20
277d70.14c8: supR3HardenedWinDoReSpawn(2): New child 98.768 [kernel32].
278d70.14c8: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
279d70.14c8: supR3HardNtChildGatherData: PebBaseAddress=00007ff71e6ef000 cbPeb=0x388
280d70.14c8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd1d4b0000 uNtDllChildAddr=00007ffd1d4b0000
281d70.14c8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd1d51fb70
282d70.14c8: supR3HardenedWinSetupChildInit: Start child.
283d70.14c8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
284d70.14c8: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 30 sleeps
285d70.14c8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
286d70.14c8: *0000000000000000-ffffffffffbaffff 0x0001/0x0000 0x0000000
287d70.14c8: *0000000000450000-000000000042ffff 0x0004/0x0004 0x0020000
288d70.14c8: *0000000000470000-000000000045bfff 0x0002/0x0002 0x0040000
289d70.14c8: 0000000000484000-0000000000477fff 0x0001/0x0000 0x0000000
290d70.14c8: *0000000000490000-0000000000393fff 0x0000/0x0004 0x0020000
291d70.14c8: 000000000058c000-0000000000588fff 0x0104/0x0004 0x0020000
292d70.14c8: 000000000058f000-000000000058dfff 0x0004/0x0004 0x0020000
293d70.14c8: *0000000000590000-000000000058bfff 0x0002/0x0002 0x0040000
294d70.14c8: 0000000000594000-0000000000587fff 0x0001/0x0000 0x0000000
295d70.14c8: *00000000005a0000-000000000059dfff 0x0004/0x0004 0x0020000
296d70.14c8: 00000000005a2000-ffffffff80b63fff 0x0001/0x0000 0x0000000
297d70.14c8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
298d70.14c8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
299d70.14c8: 000000007fff0000-ffff8009e191ffff 0x0001/0x0000 0x0000000
300d70.14c8: *00007ff71e6c0000-00007ff71e69cfff 0x0002/0x0002 0x0040000
301d70.14c8: 00007ff71e6e3000-00007ff71e6d8fff 0x0001/0x0000 0x0000000
302d70.14c8: *00007ff71e6ed000-00007ff71e6eafff 0x0004/0x0004 0x0020000
303d70.14c8: *00007ff71e6ef000-00007ff71e6edfff 0x0004/0x0004 0x0020000
304d70.14c8: 00007ff71e6f0000-00007ff71e5affff 0x0001/0x0000 0x0000000
305d70.14c8: *00007ff71e830000-00007ff71e830fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
306d70.14c8: 00007ff71e831000-00007ff71e8b5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
307d70.14c8: 00007ff71e8b6000-00007ff71e8b6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
308d70.14c8: 00007ff71e8b7000-00007ff71e8f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
309d70.14c8: 00007ff71e8f5000-00007ff71e8f5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
310d70.14c8: 00007ff71e8f6000-00007ff71e8f6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
311d70.14c8: 00007ff71e8f7000-00007ff71e8f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
312d70.14c8: 00007ff71e8f9000-00007ff71e8f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
313d70.14c8: 00007ff71e8fa000-00007ff71e8fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
314d70.14c8: 00007ff71e8fb000-00007ff71e8fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
315d70.14c8: 00007ff71e8ff000-00007ff71e937fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
316d70.14c8: 00007ff71e938000-00007ff11fdbffff 0x0001/0x0000 0x0000000
317d70.14c8: *00007ffd1d4b0000-00007ffd1d4b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
318d70.14c8: 00007ffd1d4b1000-00007ffd1d5acfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
319d70.14c8: 00007ffd1d5ad000-00007ffd1d5eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
320d70.14c8: 00007ffd1d5ef000-00007ffd1d5f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
321d70.14c8: 00007ffd1d5f8000-00007ffd1d605fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
322d70.14c8: 00007ffd1d606000-00007ffd1d606fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
323d70.14c8: 00007ffd1d607000-00007ffd1d609fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
324d70.14c8: 00007ffd1d60a000-00007ffd1d670fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
325d70.14c8: 00007ffd1d671000-00007ffa3ad01fff 0x0001/0x0000 0x0000000
326d70.14c8: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
327d70.14c8: VirtualBox.exe: timestamp 0x559faaf3 (rc=VINF_SUCCESS)
328d70.14c8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
329d70.14c8: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
330d70.14c8: supR3HardNtChildPurify: Done after 593 ms and 0 fixes (loop #0).
331d70.14c8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000680000 LB 0x400000)
332d70.14c8: supR3HardNtEnableThreadCreation:
33398.768: Log file opened: 4.3.30r101610 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000
33498.768: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd1d4b0000
33598.768: ntdll.dll: timestamp 0x55c59f92 (rc=VINF_SUCCESS)
33698.768: New simple heap: #1 00000000006b0000 LB 0x400000 (for 1839104 allocation)
33798.768: System32: \Device\HarddiskVolume4\Windows\System32
33898.768: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
33998.768: KnownDllPath: C:\WINDOWS\system32
34098.768: supR3HardenedVmProcessInit: Opening vboxdrv...
34198.768: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
34298.768: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
34398.768: Registered Dll notification callback with NTDLL.
34498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
34598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
34698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
34798.768: supR3HardenedDllNotificationCallback: load 00007ffd1a9a0000 LB 0x001dd000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
34898.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
34998.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
35098.768: supR3HardenedDllNotificationCallback: load 00007ffd1ad40000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0]
35198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
35298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ad40000 'C:\WINDOWS\system32\KERNEL32.DLL'
35398.768: supR3HardenedDllNotificationCallback: load 00007ff71e830000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
35498.768: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
35598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
35698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
357d70.14c8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 172 ms.
35898.768: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd1d51fb70 pvNtTerminateThread=00007ffd1d543a20
35998.768: \SystemRoot\System32\ntdll.dll:
36098.768: CreationTime: 2015-08-15T19:11:20.266601700Z
36198.768: LastWriteTime: 2015-08-08T07:29:58.168349600Z
36298.768: ChangeTime: 2015-08-20T22:36:23.360469800Z
36398.768: FileAttributes: 0x20
36498.768: Size: 0x1bce48
36598.768: NT Headers: 0xd8
36698.768: Timestamp: 0x55c59f92
36798.768: Machine: 0x8664 - amd64
36898.768: Timestamp: 0x55c59f92
36998.768: Image Version: 10.0
37098.768: SizeOfImage: 0x1c1000 (1839104)
37198.768: Resource Dir: 0x15a000 LB 0x65718
37298.768: ProductName: Microsoft® Windows® Operating System
37398.768: ProductVersion: 10.0.10240.16430
37498.768: FileVersion: 10.0.10240.16430 (th1.150807-2049)
37598.768: FileDescription: NT Layer DLL
37698.768: \SystemRoot\System32\kernel32.dll:
37798.768: CreationTime: 2015-07-10T10:59:59.699781600Z
37898.768: LastWriteTime: 2015-07-10T10:59:59.699781600Z
37998.768: ChangeTime: 2015-08-03T15:58:18.563437600Z
38098.768: FileAttributes: 0x20
38198.768: Size: 0xab830
38298.768: NT Headers: 0xf0
38398.768: Timestamp: 0x559f38ad
38498.768: Machine: 0x8664 - amd64
38598.768: Timestamp: 0x559f38ad
38698.768: Image Version: 10.0
38798.768: SizeOfImage: 0xad000 (708608)
38898.768: Resource Dir: 0xab000 LB 0x518
38998.768: ProductName: Microsoft® Windows® Operating System
39098.768: ProductVersion: 10.0.10240.16384
39198.768: FileVersion: 10.0.10240.16384 (th1.150709-1700)
39298.768: FileDescription: Windows NT BASE API Client DLL
39398.768: \SystemRoot\System32\KernelBase.dll:
39498.768: CreationTime: 2015-07-10T11:00:10.325689700Z
39598.768: LastWriteTime: 2015-07-10T11:00:10.325689700Z
39698.768: ChangeTime: 2015-08-03T15:58:18.579063600Z
39798.768: FileAttributes: 0x20
39898.768: Size: 0x1dc680
39998.768: NT Headers: 0x100
40098.768: Timestamp: 0x559f38c3
40198.768: Machine: 0x8664 - amd64
40298.768: Timestamp: 0x559f38c3
40398.768: Image Version: 10.0
40498.768: SizeOfImage: 0x1dd000 (1953792)
40598.768: Resource Dir: 0x1c7000 LB 0x530
40698.768: ProductName: Microsoft® Windows® Operating System
40798.768: ProductVersion: 10.0.10240.16384
40898.768: FileVersion: 10.0.10240.16384 (th1.150709-1700)
40998.768: FileDescription: Windows NT BASE API Client DLL
41098.768: \SystemRoot\System32\apisetschema.dll:
41198.768: CreationTime: 2015-07-10T11:00:04.872098600Z
41298.768: LastWriteTime: 2015-07-10T11:00:04.872098600Z
41398.768: ChangeTime: 2015-08-03T15:58:17.422754700Z
41498.768: FileAttributes: 0x20
41598.768: Size: 0x16760
41698.768: NT Headers: 0xc8
41798.768: Timestamp: 0x559f3e3d
41898.768: Machine: 0x8664 - amd64
41998.768: Timestamp: 0x559f3e3d
42098.768: Image Version: 10.0
42198.768: SizeOfImage: 0x17000 (94208)
42298.768: Resource Dir: 0x16000 LB 0x3f0
42398.768: ProductName: Microsoft® Windows® Operating System
42498.768: ProductVersion: 10.0.10240.16384
42598.768: FileVersion: 10.0.10240.16384 (th1.150709-1700)
42698.768: FileDescription: ApiSet Schema DLL
42798.768: NtOpenDirectoryObject failed on \Driver: 0xc0000022
42898.768: supR3HardenedWinFindAdversaries: 0x100
42998.768: \SystemRoot\System32\drivers\avgidsdrivera.sys:
43098.768: CreationTime: 2015-06-26T12:49:10.000000000Z
43198.768: LastWriteTime: 2015-06-26T12:49:10.000000000Z
43298.768: ChangeTime: 2015-08-04T11:56:29.400943100Z
43398.768: FileAttributes: 0x80
43498.768: Size: 0x479b0
43598.768: NT Headers: 0xe8
43698.768: Timestamp: 0x558d03f3
43798.768: Machine: 0x8664 - amd64
43898.768: Timestamp: 0x558d03f3
43998.768: Image Version: 6.2
44098.768: SizeOfImage: 0x4d000 (315392)
44198.768: Resource Dir: 0x4b000 LB 0x554
44298.768: ProductName: AVG Internet Security
44398.768: ProductVersion: 15.0.0.6079
44498.768: FileVersion: 15.0.0.6079
44598.768: SpecialBuild: AvCompile_2015_0626_094201(6079), SVNRev 87306f2d1d04b7b02d0c8ae6ba45aa5e0a31a3dd (release/SmallUpdate2015-06_release), av
44698.768: PrivateBuild: x64 Release_Unicode_DRIVER
44798.768: FileDescription: AVG IDS Application Activity Monitor Driver.
44898.768: Calling main()
44998.768: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
45098.768: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
45198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
45298.768: SUPR3HardenedMain: Final process, opening VBoxDrv...
45398.768: supR3HardenedEarlyCompact: Removed heap 1 (0x000000006b0000 LB 0x400000)
45498.768: supR3HardNtEnableThreadCreation:
45598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
45698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
45798.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
45898.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
45998.768: supR3HardenedDllNotificationCallback: load 00007ffd057f0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
46098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
46198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
46298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
46398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd057f0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
46498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
46598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
46698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd057f0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
46798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd057f0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
46898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
46998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
47098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
47198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
47298.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
47398.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
47498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
47598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
47698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
47798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
47898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
47998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
48098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
48198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'msasn1.dll'.
48298.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
48398.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
48498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
48598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
48698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
48798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
48898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
48998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
49098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
49198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
49298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
49398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
49498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
49598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
49698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
49798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
49898.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
49998.768: supR3HardenedDllNotificationCallback: load 00007ffd1cd90000 LB 0x0009d000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0]
50098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
50198.768: supR3HardenedDllNotificationCallback: load 00007ffd19f40000 LB 0x00011000 C:\WINDOWS\system32\MSASN1.dll [fFlags=0x0]
50298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
50398.768: supR3HardenedDllNotificationCallback: load 00007ffd1a720000 LB 0x001c1000 C:\WINDOWS\system32\CRYPT32.dll [fFlags=0x0]
50498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
50598.768: supR3HardenedDllNotificationCallback: load 00007ffd1ae50000 LB 0x00126000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0]
50698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
50798.768: supR3HardenedDllNotificationCallback: load 00007ffd1a600000 LB 0x00054000 C:\WINDOWS\system32\Wintrust.dll [fFlags=0x0]
50898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
50998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\WINDOWS\system32\Wintrust.dll'
51098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
51198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
51298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
51398.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
51498.768: supR3HardenedDllNotificationCallback: load 00007ffd19e10000 LB 0x00028000 C:\WINDOWS\system32\bcrypt.dll [fFlags=0x0]
51598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
51698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd19e10000 'C:\WINDOWS\system32\bcrypt.dll'
51798.768: bcrypt.dll loaded at 00007ffd19e10000, BCryptOpenAlgorithmProvider at 00007ffd19e14a00, preloading providers:
51898.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
51998.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
52098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
52198.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
52298.768: supR3HardenedDllNotificationCallback: load 00007ffd19ca0000 LB 0x0006b000 C:\WINDOWS\system32\bcryptprimitives.dll [fFlags=0x0]
52398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
52498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd19ca0000 'C:\WINDOWS\system32\bcryptprimitives.dll'
52598.768: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000c2a3e0)
52698.768: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000c2aaa0)
52798.768: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000c2b580)
52898.768: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000c2b850)
52998.768: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000c2bb60)
53098.768: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000c2be70)
53198.768: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000c2c180)
53298.768: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000c2c450)
53398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
53498.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
53598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
53698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
53798.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
53898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
53998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
54098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
54198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
54298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
54398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
54498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
54598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
54698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
54798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
54898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
54998.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
55098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
55198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
55298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
55398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
55498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
55598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
55698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
55798.768: supR3HardenedDllNotificationCallback: load 00007ffd19460000 LB 0x00017000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
55898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
55998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'bcrypt.dll'.
56098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
56198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
56298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
56398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
56498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
56598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
56698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
56798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
56898.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
56998.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
57098.768: supR3HardenedDllNotificationCallback: load 00007ffd190b0000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
57198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
57298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
57398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
57498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
57598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
57698.768: supR3HardenedDllNotificationCallback: load 00007ffd19600000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
57798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
57898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
57998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
58098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
58198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
58298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
58398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ad40000 'C:\WINDOWS\system32\kernel32.dll'
58498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
58598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
58698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
58798.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
58898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\CRYPT32.dll'
58998.768: supR3HardenedDllNotificationCallback: load 00007ffd1ab80000 LB 0x0001c000 C:\WINDOWS\system32\imagehlp.dll [fFlags=0x0]
59098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
59198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
59298.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
59398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
59498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
59598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
59698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
59798.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
59898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
59998.768: supR3HardenedDllNotificationCallback: load 00007ffd1b420000 LB 0x0005b000 C:\WINDOWS\system32\sechost.dll [fFlags=0x0]
60098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
60198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
60298.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
60398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
60498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
60598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
60698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
60798.768: supR3HardenedDllNotificationCallback: load 00007ffd18af0000 LB 0x00023000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
60898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
60998.768: supR3HardenedDllNotificationCallback: load 00007ffd19f60000 LB 0x00013000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0]
61098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
61198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
61298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
61398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
61498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'wldap32.dll'.
61598.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
61698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
61798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
61898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
61998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
62098.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\Wldap32.dll)
62198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Wldap32.dll
62298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
62398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
62498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
62598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
62698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
62798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
62898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
62998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
63098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
63198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
63298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
63398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
63498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
63598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
63698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
63798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
63898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
63998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
64098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
64198.768: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
64298.768: supR3HardenedDllNotificationCallback: load 00007ffd1adf0000 LB 0x0005b000 C:\WINDOWS\system32\WLDAP32.dll [fFlags=0x0]
64398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
64498.768: supR3HardenedDllNotificationCallback: load 00007ffd083c0000 LB 0x0002f000 C:\WINDOWS\system32\cryptnet.dll [fFlags=0x0]
64598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
64698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
64798.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
64898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
64998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
65098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
65198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
65298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
65398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
65498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
65598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
65698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
65798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
65898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
65998.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
66098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
66198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
66298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
66398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
66498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
66598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
66698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
66798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
66898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
66998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
67098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
67198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
67298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
67398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
67498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\WINDOWS\system32\cryptnet.dll'
67598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
67698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd083c0000 'C:\Windows\System32\cryptnet.dll'
67798.768: supR3HardenedDllNotificationCallback: load 00007ffd1cce0000 LB 0x000a6000 C:\WINDOWS\system32\advapi32.dll [fFlags=0x0]
67898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
67998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
68098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
68198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
68298.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
68398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
68498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
68598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
68698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
68798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
68898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
68998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
69098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
69198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
69298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
69398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
69498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
69598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
69698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
69798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
69898.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
69998.768: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000c73ea0
70098.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
70198.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=311B4CDD9B998ED36E8EA94DCB004D809301CC36
70298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
70398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
70498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ae50000 'C:\WINDOWS\system32\rpcrt4.dll'
70598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
70698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
70798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
70898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
70998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
71098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
71198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
71298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
71398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
71498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
71598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
71698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
71798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
71898.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
71998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\Windows\System32\WINTRUST.DLL'
72098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
72198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
72298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
72398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
72498.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
72598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
72698.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_555_for_KB3081455~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\SystemRoot\System32\ntdll.dll'
72798.768: g_pfnWinVerifyTrust=00007ffd1a608890
72898.768: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
72998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
73098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
73198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
73298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
73398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
73498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
73598.768: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
73698.768: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
73798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
73898.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
73998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
74098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
74198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
74298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
74398.768: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
74498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
74598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
74698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
74798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
74898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
74998.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume4\Windows\System32\Wldap32.dll
75098.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
75198.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
75298.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3E30C00BB3189B639214835B4F4C320DEC5BFA77
75398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
75498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
75598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
75698.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-ds-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
75798.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
75898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
75998.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
76098.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
76198.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
76298.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5997BB270A09A76A71A9EE8A7ADB154F3D75EEF3
76398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
76498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
76598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
76698.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-ds-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
76798.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
76898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
76998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
77098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
77198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
77298.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
77398.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
77498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
77598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
77698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
77798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
77898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
77998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
78098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
78198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
78298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
78398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
78498.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
78598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
78698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
78798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
78898.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
78998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
79098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
79198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
79298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
79398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
79498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
79598.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
79698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
79798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
79898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
79998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
80098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
80198.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
80298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
80398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
80498.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
80598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
80698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
80798.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
80898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
80998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
81098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
81198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
81298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
81398.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
81498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
81598.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
81698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
81798.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe'
81898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
81998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
82098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
82198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
82298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
82398.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
82498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
82598.768: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
82698.768: supR3HardenedWinIsDesiredRootCA: Adding 0x30ff2aca6ca5c700 C=CZ, ST=Moravia, L=Brno, O=AVG Technologies cz, OU=Engineering, CN=AVG Technologies
82798.768: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
82898.768: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
82998.768: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
83098.768: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
83198.768: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
83298.768: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
83398.768: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
83498.768: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
83598.768: supR3HardenedWinIsDesiredRootCA: Adding 0xf8323da0bcec9100 CN=localhost, O=Skype Click to Call, OU=Skype Click to Call
83698.768: supR3HardenedWinIsDesiredRootCA: Adding 0x75a2ccecb8259a00 C=TW, O=Government Root Certification Authority
83798.768: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
83898.768: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
83998.768: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
84098.768: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
84198.768: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
84298.768: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
84398.768: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
84498.768: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
84598.768: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
84698.768: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
84798.768: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
84898.768: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
84998.768: supR3HardenedWinIsDesiredRootCA: Adding 0x40e7dd0ea446ba00 C=BR, O=ICP-Brasil, OU=Instituto Nacional de Tecnologia da Informacao - ITI, CN=Autoridade Certificadora Raiz Brasileira v2
85098.768: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
85198.768: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
85298.768: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
85398.768: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
85498.768: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
85598.768: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
85698.768: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
85798.768: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
85898.768: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
85998.768: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
86098.768: supR3HardenedWinIsDesiredRootCA: Adding 0x185da5e55536b700 C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Chambers of Commerce Root
86198.768: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
86298.768: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
86398.768: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
86498.768: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
86598.768: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
86698.768: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
86798.768: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
86898.768: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
86998.768: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
87098.768: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
87198.768: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
87298.768: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
87398.768: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
87498.768: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
87598.768: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
87698.768: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
87798.768: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
87898.768: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=53
87998.768: SUPR3HardenedMain: Load Runtime...
88098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
88198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
88298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
88398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
88498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
88598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
88698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
88798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
88898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
88998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
89098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
89198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
89298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
89398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
89498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'.
89598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
89698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll)WinVerifyTrust
89798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
89898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
89998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
90098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
90198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
90298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
90398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
90498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
90598.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
90698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll)
90798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll
90898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
90998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
91098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
91198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
91298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
91398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
91498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
91598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
91698.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
91798.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
91898.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
91998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
92098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
92198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
92298.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
92398.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
92498.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
92598.768: supR3HardenedDllNotificationCallback: load 0000000060be0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
92698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
92798.768: supR3HardenedDllNotificationCallback: load 0000000060cc0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
92898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
92998.768: supR3HardenedDllNotificationCallback: load 00007ffd1ac80000 LB 0x00008000 C:\WINDOWS\system32\NSI.dll [fFlags=0x0]
93098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
93198.768: supR3HardenedDllNotificationCallback: load 00007ffd1cf30000 LB 0x00069000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0]
93298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
93398.768: supR3HardenedDllNotificationCallback: load 00007ffce7b70000 LB 0x00537000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
93498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
93598.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
93698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
93798.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
93898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rescheduled]
93998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
94098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
94198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
94298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
94398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
94498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
94598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
94698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
94798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
94898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
94998.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
95098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
95198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
95298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
95398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
95498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
95598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
95698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
95798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
95898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
95998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
96598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
96698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
96998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
97998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
98398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
98498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7b70000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
98898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a600000 'C:\WINDOWS\system32\Wintrust.dll'
98998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
99098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
99198.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
99298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
99398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
99498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
99598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
99698.768: Error -1912 in supR3HardenedMainInitRuntime! (enmWhat=4)
99798.768: RTR3InitEx failed with rc=-1912
99898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
99998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
100098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
100198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
100298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
100398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
100498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
100598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
100698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
100798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
100898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
100998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
101098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
101198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
101298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
101398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
101498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
101598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
101698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
101798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
101898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
101998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
102098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
102198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
102298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
102398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
102498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll)WinVerifyTrust
102598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
102698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
102798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
102898.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume4\Windows\System32\comdlg32.dll
102998.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
103098.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
103198.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=857477BEC0F0F69A9C4898B3680E207E94733C3F
103298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
103398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
103498.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
103598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
103698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
103798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
103898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
103998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
104098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
104198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
104298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
104398.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
104498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
104598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
104698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
104798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
104898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
104998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
105098.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
105198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
105298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
105398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll)
105498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
105598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
105698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
105798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
105898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
105998.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
106098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
106198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
106298.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
106398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
106498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
106598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
106698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
106798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
106898.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
106998.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
107098.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
107198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
107298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
107398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
107498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
107598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
107698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
107798.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_207_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume4\Windows\System32\comdlg32.dll'
107898.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
108098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'.
108198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'.
108298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
108398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'.
108498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'.
108598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll)WinVerifyTrust
108698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
108798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
108898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
108998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
109098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
109198.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
109298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
109398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'user32.dll'.
109498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'gdi32.dll'.
109598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
109698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
109798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
109898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
109998.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
110098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
110198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
110298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
110398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll)
110498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll
110598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
110698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
110798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
110898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
110998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
111098.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
111198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
111298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'.
111398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
111498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
111598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
111698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
111798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
111898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
111998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
112098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
112198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
112298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
112398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
112498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
112598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
112698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
112798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
112898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
112998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
113098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
113198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
113298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
113398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
113498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
113598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
113698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
113798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
113898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
113998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
114098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
114198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
114298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
114398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
114498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
114598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
114698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
114798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
114898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
114998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
115098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
115198.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll)WinVerifyTrust
115298.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
115398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
115498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
115598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
115698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
115798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
115898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
115998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
116098.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
116198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
116298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
116398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
116498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
116598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
116698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
116798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
116898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
116998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
117098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
117198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
117298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
117398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
117498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
117598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
117698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
117798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
117898.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll)WinVerifyTrust
117998.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
118098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
118198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
118298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [redoing WinVerifyTrust]
118398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
118498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
118598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
118698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
118798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
118898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
118998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
119098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
119198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
119298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
119398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
119498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
119598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
119698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
119798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
119898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
119998.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
120098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
120198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
120298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
120398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
120498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
120598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
120698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
120798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
120898.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
120998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
121098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
121198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
121298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
121398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
121498.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
121598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
121698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
121798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
121898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
121998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
122098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
122198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
122298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
122398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
122498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
122598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
122698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
122798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
122898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
122998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
123098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
123198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
123298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
123398.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
123498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
123598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
123698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
123798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
123898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
123998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
124098.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
124198.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
124298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
124398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
124498.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
124598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
124698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
124798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
124898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
124998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
125098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
125198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
125298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
125398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
125498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
125598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
125698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
125798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
125898.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
125998.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
126098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
126198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
126298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
126398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
126498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
126598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
126698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
126798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
126898.768: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
126998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
127098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
127198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
127298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
127398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
127498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
127598.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
127698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
127798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
127898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
127998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
128098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
128198.768: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
128298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
128398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'.
128498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'gdi32.dll'.
128598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'dciman32.dll'.
128698.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll)
128798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll
128898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
128998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
129098.768: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
129198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
129298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
129398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
129498.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
129598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
129698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
129798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
129898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
129998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
130098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
130198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
130298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
130398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
130498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
130598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
130698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
130798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
130898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
130998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
131098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
131198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
131298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
131398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
131498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
131598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
131698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
131798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
131898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
131998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
132098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
132198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
132298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
132398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
132498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
132598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
132698.768: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
132798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
132898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'.
132998.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv)
133098.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv
133198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
133298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
133398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
133498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
133598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
133698.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
133798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
133898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'msctf.dll'.
133998.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
134098.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
134198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
134298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
134398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
134498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
134598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
134698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
134798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
134898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
134998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
135098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
135198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
135298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
135398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
135498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
135598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
135698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
135798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
135898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
135998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
136098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
136198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
136298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
136398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
136498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
136598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
136698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
136798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
136898.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
136998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
137098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
137198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
137298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'.
137398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
137498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
137598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
137698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
137798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
137898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
137998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
138098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
138198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
138298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
138398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
138498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
138598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
138698.768: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
138798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
138898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
138998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
139098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
139198.768: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
139298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
139398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
139498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
139598.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll)
139698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll
139798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
139898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
139998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
140098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
140198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
140298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
140398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
140498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
140598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
140698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
140798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
140898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
140998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
141098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
141198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
141298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
141398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
141498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
141598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
141698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
141798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
141898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
141998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
142098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
142198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
142298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
142398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
142498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
142598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
142698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
142798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
142898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
142998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
143098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
143198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
143298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
143398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
143498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
143598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
143698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
143798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
143898.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
143998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
144098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
144198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
144298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
144398.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
144498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
144598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
144698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
144798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
144898.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
144998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
145098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
145198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
145298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
145398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
145498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
145598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
145698.768: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
145798.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000410 pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
145898.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
145998.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
146098.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5F0CC8DA0E67C8C01864C0783FA867C4BDCE0AAA
146198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
146298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
146398.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
146498.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
146598.768: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
146698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
146798.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
146898.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
146998.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
147098.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
147198.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
147298.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
147398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
147498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
147598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
147698.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll)
147798.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll
147898.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
147998.768: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
148098.768: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
148198.768: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
148298.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
148398.768: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
148498.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
148598.768: supR3HardenedDllNotificationCallback: load 00007ffd1d360000 LB 0x0014e000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0]
148698.768: supR3HardenedDllNotificationCallback: load 00007ffd1b290000 LB 0x00186000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0]
148798.768: supR3HardenedDllNotificationCallback: load 00007ffd111c0000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
148898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
148998.768: supR3HardenedDllNotificationCallback: load 00007ffd02910000 LB 0x000f6000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0]
149098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
149198.768: supR3HardenedDllNotificationCallback: load 00007ffd09db0000 LB 0x0002e000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
149298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
149398.768: supR3HardenedDllNotificationCallback: load 00007ffd04600000 LB 0x00128000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
149498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
149598.768: supR3HardenedDllNotificationCallback: load 00007ffd1d000000 LB 0x0027c000 C:\WINDOWS\system32\combase.dll [fFlags=0x0]
149698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
149798.768: supR3HardenedDllNotificationCallback: load 00007ffd1cb80000 LB 0x00141000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0]
149898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
149998.768: supR3HardenedDllNotificationCallback: load 000000005ff90000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
150098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
150198.768: supR3HardenedDllNotificationCallback: load 00007ffd1a660000 LB 0x000b3000 C:\WINDOWS\system32\shcore.dll [fFlags=0x0]
150298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
150398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'combase.dll'.
150498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
150598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
150698.768: supR3HardenedDllNotificationCallback: load 00007ffd1aba0000 LB 0x00051000 C:\WINDOWS\system32\shlwapi.dll [fFlags=0x0]
150798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
150898.768: supR3HardenedDllNotificationCallback: load 00007ffd08060000 LB 0x000aa000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\COMCTL32.dll [fFlags=0x0]
150998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [avoiding WinVerifyTrust]
151098.768: supR3HardenedDllNotificationCallback: load 00007ffd19f30000 LB 0x0000f000 C:\WINDOWS\system32\kernel.appcore.dll [fFlags=0x0]
151198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'.
151298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
151398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
151498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
151598.768: supR3HardenedDllNotificationCallback: load 00007ffd19ee0000 LB 0x0004a000 C:\WINDOWS\system32\powrprof.dll [fFlags=0x0]
151698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
151798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
151898.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
151998.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
152098.768: supR3HardenedDllNotificationCallback: load 00007ffd19fd0000 LB 0x00629000 C:\WINDOWS\system32\windows.storage.dll [fFlags=0x0]
152198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
152298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
152398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
152498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'profapi.dll'.
152598.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
152698.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
152798.768: supR3HardenedDllNotificationCallback: load 00007ffd1b650000 LB 0x01522000 C:\WINDOWS\system32\SHELL32.dll [fFlags=0x0]
152898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
152998.768: supR3HardenedDllNotificationCallback: load 00007ffd1d280000 LB 0x000d7000 C:\WINDOWS\system32\COMDLG32.dll [fFlags=0x0]
153098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
153198.768: supR3HardenedDllNotificationCallback: load 00007ffd1ce70000 LB 0x000be000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0]
153298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
153398.768: supR3HardenedDllNotificationCallback: load 00007ffd1af80000 LB 0x0015c000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0]
153498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [avoiding WinVerifyTrust]
153598.768: supR3HardenedDllNotificationCallback: load 00007ffd1ce30000 LB 0x00036000 C:\WINDOWS\system32\IMM32.dll [fFlags=0x0]
153698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
153798.768: supR3HardenedDllNotificationCallback: load 00007ffd19f80000 LB 0x00044000 C:\WINDOWS\system32\cfgmgr32.dll [fFlags=0x0]
153898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
153998.768: supR3HardenedDllNotificationCallback: load 00007ffd19b80000 LB 0x00027000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
154098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
154198.768: supR3HardenedDllNotificationCallback: load 00007ffd17c30000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
154298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
154398.768: supR3HardenedDllNotificationCallback: load 00007ffd17c60000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
154498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
154598.768: supR3HardenedDllNotificationCallback: load 00007ffd15230000 LB 0x00084000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
154698.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
154798.768: supR3HardenedDllNotificationCallback: load 0000000060270000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
154898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
154998.768: supR3HardenedDllNotificationCallback: load 000000005fda0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
155098.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
155198.768: supR3HardenedDllNotificationCallback: load 000000005feb0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
155298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
155398.768: supR3HardenedDllNotificationCallback: load 00007ffce7120000 LB 0x00875000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
155498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
155598.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
155698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
155798.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
155898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
155998.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
156098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
156198.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
156298.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
156398.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'.
156498.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [rescheduled]
156598.768: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
156698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rescheduled]
156798.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
156898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rescheduled]
156998.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
157098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
157198.768: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
157298.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rescheduled]
157398.768: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
157498.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
157598.768: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
157698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rescheduled]
157798.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
157898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
157998.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
158098.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
158198.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
158298.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rescheduled]
158398.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
158498.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
158598.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
158698.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rescheduled]
158798.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
158898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
158998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
159098.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
159198.768: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\imm32.dll
159298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
159398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
159498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
159598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
159698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
159798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
159898.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
159998.768: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
160098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
160198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
160298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
160398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
160498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
160598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
160698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
160798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
160898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
160998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
161098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
161198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
161298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
161398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
161498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
161598.768: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
161698.768: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
161798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
161898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
161998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
162098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
162198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
162298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
162398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
162498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
162598.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
162698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
162798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ce30000 'C:\WINDOWS\system32\imm32.dll'
162898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce7120000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
162998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
163098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
163198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17c60000 'C:\WINDOWS\system32\winmm.dll'
163298.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000067c pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
163398.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
163498.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
163598.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3717D376EF95470D8C03AD02F97C4DCBCE269CF8
163698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
163798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
163898.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_205_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
163998.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
164098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
164198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
164298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
164398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll)WinVerifyTrust
164498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
164598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
164898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
164998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
165098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
165198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
165298.768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
165398.768: supR3HardenedDllNotificationCallback: load 00007ffd17fc0000 LB 0x00096000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
165498.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
165598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17fc0000 'C:\WINDOWS\system32\uxtheme.dll'
165698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
165798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
165898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'.
165998.768: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll)
166098.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
166198.768: supR3HardenedDllNotificationCallback: load 00007ffd16f60000 LB 0x00022000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
166298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
166398.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000694 pwszName=\Device\HarddiskVolume4\Windows\System32\dwmapi.dll
166498.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
166598.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
166698.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=71451274041047D99462EA805D3FAD1A9E10F86D
166798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
166898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
166998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
167098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
167198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
167298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
167398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
167498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
167598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
167698.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB3074683~31bf3856ad364e35~amd64~~10.0.1.0.cat'; file='\Device\HarddiskVolume4\Windows\System32\dwmapi.dll'
167798.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
167898.768: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dwmapi.dll'
167998.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
168098.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
168198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1b650000 'C:\WINDOWS\system32\shell32.dll'
168298.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
168398.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
168498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ad40000 'C:\WINDOWS\system32\kernel32.dll'
168598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
168698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
168798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17fc0000 'C:\WINDOWS\system32\uxtheme.dll'
168898.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
168998.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
169098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17fc0000 'C:\WINDOWS\system32\uxtheme.dll'
169198.768: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
169298.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
169398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
169498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1d360000 'C:\WINDOWS\system32\user32.dll'
169598.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
169698.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
169798.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17fc0000 'C:\WINDOWS\system32\uxtheme.dll'
169898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1d360000 'C:\WINDOWS\system32\user32.dll'
169998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1b290000 'C:\WINDOWS\system32\gdi32.dll'
170098.768: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
170198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
170298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
170398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1d360000 'C:\WINDOWS\system32\user32.dll'
170498.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
170598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\SYSTEM32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
170698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17c60000 'C:\WINDOWS\SYSTEM32\WINMM.dll'
170798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
170898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
170998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
171098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
171198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
171298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
171398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msimg32.dll'.
171498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msimg32.dll'.
171598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'comdlg32.dll'.
171698.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'comdlg32.dll'.
171798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
171898.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
171998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
172098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
172198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
172298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
172398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'comctl32.dll'.
172498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'comctl32.dll'.
172598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shlwapi.dll'.
172698.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shlwapi.dll'.
172798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'ole32.dll'.
172898.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'ole32.dll'.
172998.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'.
173098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'.
173198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'gdiplus.dll'.
173298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'gdiplus.dll'.
173398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleacc.dll'.
173498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleacc.dll'.
173598.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'imm32.dll'.
173698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
173798.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Acer\Acer Power Management\SysHook.dll)WinVerifyTrust
173898.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Acer\Acer Power Management\SysHook.dll
173998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
174098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'imm32.dll'.
174198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
174298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
174398.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Acer\Acer Power Management\SysHook.dll)WinVerifyTrust
174498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
174598.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
174698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
174798.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
174898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
174998.1b08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
175098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
175198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
175298.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
175398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
175498.1b08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
175598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
175698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
175798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
175898.1b08: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
175998.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
176098.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHook.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
176198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleacc.dll'...
176298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleacc.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleacc.dll' [rcNtRedir=0xc0150008]
176398.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Acer\Acer Power Management\SysHook.dll
176498.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000728 pwszName=\Device\HarddiskVolume4\Windows\System32\oleacc.dll
176598.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
176698.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
176798.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BBAC4B5CEB1A5E84F1CCA9956760A35BA150F909
176898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
176998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
177098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
177198.1b08: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msimg32.dll)
177298.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msimg32.dll
177398.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
177498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'user32.dll'.
177598.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'gdi32.dll'.
177698.1b08: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\GdiPlus.dll)
177798.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\GdiPlus.dll
177898.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
177998.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
178098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'user32.dll'.
178198.1b08: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\oleacc.dll)
178298.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleacc.dll
178398.1b08: supR3HardenedDllNotificationCallback: load 00007ffd08e90000 LB 0x00007000 C:\WINDOWS\SYSTEM32\MSIMG32.dll [fFlags=0x0]
178498.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msimg32.dll [avoiding WinVerifyTrust]
178598.1b08: supR3HardenedDllNotificationCallback: load 00007ffcfb4a0000 LB 0x001a9000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\gdiplus.dll [fFlags=0x0]
178698.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\GdiPlus.dll [avoiding WinVerifyTrust]
178798.1b08: supR3HardenedDllNotificationCallback: load 00007ffd01b60000 LB 0x00069000 C:\WINDOWS\SYSTEM32\OLEACC.dll [fFlags=0x0]
178898.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll [avoiding WinVerifyTrust]
178998.1b08: supR3HardenedDllNotificationCallback: load 00007ffcf09a0000 LB 0x0022f000 C:\Program Files\Acer\Acer Power Management\SysHook.dll [fFlags=0x0]
179098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Acer\Acer Power Management\SysHook.dll
179198.1b08: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\oleacc.dll'.
179298.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\oleacc.dll' [rescheduled]
179398.1b08: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\GdiPlus.dll'.
179498.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.10240.16384_none_89a94c179af51f83\GdiPlus.dll' [rescheduled]
179598.1b08: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\msimg32.dll'.
179698.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msimg32.dll' [rescheduled]
179798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
179898.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
179998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
180098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
180198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
180298.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
180398.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
180498.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
180598.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
180698.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
180798.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
180898.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
180998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
181098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
181198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
181298.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\UxTheme.dll (Input=UxTheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
181398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd17fc0000 'C:\WINDOWS\system32\UxTheme.dll'
181498.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
181598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
181698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd16f60000 'C:\WINDOWS\system32\dwmapi.dll'
181798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
181898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
181998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1ad40000 'C:\WINDOWS\system32\KERNEL32.DLL'
182098.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
182198.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
182298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
182398.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
182498.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
182598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
182698.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookENU.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookENU.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookENU.dll; rcNtGetDll=0x0
182798.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookENU.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
182898.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookENU.dll'
182998.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookENU.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookENU.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookENU.dll; rcNtGetDll=0x0
183098.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookENU.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
183198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookENU.dll'
183298.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
183398.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
183498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
183598.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
183698.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
183798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
183898.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
183998.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
184098.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
184198.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll; rcNtGetDll=0x0
184298.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
184398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookPTB.dll'
184498.1b08: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Program Files\Acer\Acer Power Management\SysHookLOC.dll': 0 (NtPath=\??\C:\Program Files\Acer\Acer Power Management\SysHookLOC.dll; Input=C:\Program Files\Acer\Acer Power Management\SysHookLOC.dll; rcNtGetDll=0x0
184598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHookLOC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
184698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Program Files\Acer\Acer Power Management\SysHookLOC.dll'
184798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf09a0000 'C:\Program Files\Acer\Acer Power Management\SysHook.dll'
184898.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
184998.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
185098.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
185198.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
185298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'user32.dll'.
185398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleacc.dll)WinVerifyTrust
185498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleacc.dll'...
185598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleacc.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleacc.dll' [rcNtRedir=0xc0150008]
185698.768: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll [redoing WinVerifyTrust]
185798.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000738 pwszName=\Device\HarddiskVolume4\Windows\System32\oleacc.dll
185898.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
185998.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
186098.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BBAC4B5CEB1A5E84F1CCA9956760A35BA150F909
186198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
186298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
186398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
186498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
186598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
186698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
186798.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
186898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
186998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
187098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
187198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
187298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
187398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
187498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'.
187598.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll)
187698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
187798.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
187898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
187998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
188098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
188198.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
188298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
188398.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\propsys.dll'.
188498.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
188598.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
188698.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
188798.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
188898.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll)
188998.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll
189098.1b08: supR3HardenedDllNotificationCallback: load 00007ffd17950000 LB 0x00183000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0]
189198.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [avoiding WinVerifyTrust]
189298.1b08: supR3HardenedDllNotificationCallback: load 00007ffd14820000 LB 0x00072000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
189398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll)
189498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
189598.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [avoiding WinVerifyTrust]
189698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
189798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust]
189898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
189998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
190098.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
190198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
190298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
190398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
190498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
190598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
190698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
190798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
190898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
190998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
191098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
191198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
191298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
191398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
191498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
191598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
191698.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\propsys.dll'
191798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
191898.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
191998.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
192098.768: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
192198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdiplus.dll'...
192298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
192398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdiplus.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdiplus.dll' [rcNtRedir=0x0]
192498.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006fc pwszName=\Device\HarddiskVolume4\Windows\System32\GdiPlus.dll
192598.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
192698.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
192798.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll'
192898.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000768 pwszName=\Device\HarddiskVolume4\Windows\System32\wdmaud.drv
192998.1b08: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000012d9e50
193098.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000012d9e50
193198.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=981AABC9636B31B305F33D6B2B0782E016B4A483
193298.1b08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83143779FC4D27950BF3BCBCD430201AA21D5678
193398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
193498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
193598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
193698.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\GdiPlus.dll'
193798.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
193898.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
193998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
194098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
194198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
194298.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'user32.dll'.
194398.768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'gdi32.dll'.
194498.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\GdiPlus.dll)WinVerifyTrust
194598.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\GdiPlus.dll
194698.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdiplus.dll'...
194798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdiplus.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdiplus.dll' [rcNtRedir=0x0]
194898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\GdiPlus.dll
194998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
195098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
195198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
195298.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
195398.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
195498.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
195598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
195698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
195798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
195898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
195998.1b08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Multimedia-MMECoreWdmAudio-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\wdmaud.drv'
196098.1b08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
196198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
196298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
196398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
196498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
196598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
196698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [redoing WinVerifyTrust]
196798.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'.
196898.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
196998.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'.
197098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'.
197198.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'.
197298.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv)WinVerifyTrust
197398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
197498.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
197598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
197698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
197798.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
197898.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
197998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
198098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
198198.768: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\avrt.dll'.
198298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
198398.768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll)
198498.768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
198598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
198698.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll)
198798.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
198898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
198998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
199098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
199198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
199298.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [avoiding WinVerifyTrust]
199398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
199498.1b08: supR3HardenedDllNotificationCallback: load 00007ffd18200000 LB 0x00008000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
199598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
199698.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [avoiding WinVerifyTrust]
199798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
199898.1b08: supR3HardenedDllNotificationCallback: load 00007ffd146d0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
199998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
200098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [avoiding WinVerifyTrust]
200198.1b08: supR3HardenedDllNotificationCallback: load 00007ffd05670000 LB 0x00041000 C:\WINDOWS\system32\wdmaud.drv [fFlags=0x0]
200298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
200398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
200498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
200598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
200698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
200798.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
200898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
200998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
201098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
201198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
201298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
201398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
201498.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
201598.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ksuser.dll'
201698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
201798.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
201898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
201998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
202098.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
202198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
202298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
202398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comctl32.dll [redoing WinVerifyTrust]
202498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
202598.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
202698.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\avrt.dll'
202798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
202898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
202998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
203098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
203198.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
203298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd14820000 'C:\WINDOWS\system32\MMDEVAPI.DLL'
203398.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
203498.768: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'
203598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
203698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
203798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comctl32.dll
203898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
203998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
204098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
204198.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
204298.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
204398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
204498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
204598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
204698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
204798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
204898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
204998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
205098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
205198.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
205298.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
205398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
205498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
205598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
205698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
205798.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
205898.768: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [redoing WinVerifyTrust]
205998.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume4\Windows\System32\winspool.drv
206098.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
206198.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
206298.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=940DEDA2D0CF19AD48AEA98D63984667BAE1BAA8
206398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
206498.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
206598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
206698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
206798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
206898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
206998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
207098.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
207198.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-printscan~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\winspool.drv'
207298.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
207398.768: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winspool.drv'
207498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
207598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
207698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winspool.drv
207798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
207898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
207998.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
208098.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
208198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
208298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
208398.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
208498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msimg32.dll'...
208598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msimg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msimg32.dll' [rcNtRedir=0xc0150008]
208698.768: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msimg32.dll [redoing WinVerifyTrust]
208798.768: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000070c pwszName=\Device\HarddiskVolume4\Windows\System32\msimg32.dll
208898.768: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
208998.768: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
209098.768: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A4CD94AB18AD559A6DFD73723FA49C90EDE59D65
209198.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
209298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
209398.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
209498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
209598.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
209698.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
209798.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
209898.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
209998.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
210098.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'.
210198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
210298.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll)WinVerifyTrust
210398.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
210498.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
210598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
210698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
210798.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
210898.1b08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
210998.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
211098.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
211198.768: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\msimg32.dll'
211298.768: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
211398.768: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msimg32.dll'
211498.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msimg32.dll'...
211598.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msimg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msimg32.dll' [rcNtRedir=0xc0150008]
211698.768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msimg32.dll
211798.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
211898.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
211998.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
212098.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
212198.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
212298.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
212398.768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
212498.768: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
212598.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Acer\Acer Power Management\SysHook.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
212698.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcf09a0000 'C:\Program Files\Acer\Acer Power Management\SysHook.dll'
212798.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
212898.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'.
212998.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
213098.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
213198.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
213298.1b08: supR3HardenedDllNotificationCallback: load 00007ffd14120000 LB 0x00131000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
213398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
213498.1b08: supR3HardenedDllNotificationCallback: load 00007ffd01dc0000 LB 0x00085000 C:\WINDOWS\system32\AUDIOSES.DLL [fFlags=0x0]
213598.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
213698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd01dc0000 'C:\WINDOWS\system32\AUDIOSES.DLL'
213798.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
213898.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
213998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
214098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
214198.1b08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
214298.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
214398.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
214498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
214598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
214698.1b08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
214798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
214898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
214998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
215098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
215198.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
215298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
215398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd05670000 'C:\WINDOWS\system32\wdmaud.drv'
215498.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007fc pwszName=\Device\HarddiskVolume4\Windows\System32\msacm32.drv
215598.1b08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
215698.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
215798.1b08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EAA362874D7E19DE11B8B4782838AD2981FC207
215898.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
215998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
216098.1b08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SKU-Foundation-Package-avcore-noindeo-Group-avcore-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\msacm32.drv'
216198.1b08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
216298.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
216398.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
216498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'.
216598.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
216698.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
216798.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv)WinVerifyTrust
216898.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
216998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
217098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
217198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
217298.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
217398.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
217498.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
217598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
217698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
217798.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
217898.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll)WinVerifyTrust
217998.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
218098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
218198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
218298.1b08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
218398.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
218498.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
218598.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
218698.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
218798.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
218898.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
218998.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
219098.1b08: supR3HardenedDllNotificationCallback: load 00007ffd17bc0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
219198.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
219298.1b08: supR3HardenedDllNotificationCallback: load 00007ffd18680000 LB 0x0000c000 C:\WINDOWS\system32\msacm32.drv [fFlags=0x0]
219398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
219498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
219598.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
219698.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
219798.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
219898.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
219998.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
220098.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
220198.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
220298.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
220398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
220498.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
220598.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
220698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
220798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
220898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
220998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
221098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
221198.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
221298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
221398.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
221498.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
221598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd18680000 'C:\WINDOWS\system32\msacm32.drv'
221698.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000079c pwszName=\Device\HarddiskVolume4\Windows\System32\midimap.dll
221798.1b08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c73ea0
221898.1b08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c73ea0
221998.1b08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=96AFFE7289EA0FE318F97A9F3C88DF66DCB2B4F6
222098.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
222198.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
222298.1b08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SKU-Foundation-Package-avcore-noindeo-Group-avcore-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\midimap.dll'
222398.1b08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
222498.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
222598.1b08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
222698.1b08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\midimap.dll)WinVerifyTrust
222798.1b08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
222898.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
222998.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
223098.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
223198.1b08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
223298.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
223398.1b08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
223498.1b08: supR3HardenedDllNotificationCallback: load 00007ffd13270000 LB 0x0000a000 C:\WINDOWS\system32\midimap.dll [fFlags=0x0]
223598.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
223698.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd13270000 'C:\WINDOWS\system32\midimap.dll'
223798.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
223898.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
223998.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd13270000 'C:\WINDOWS\system32\midimap.dll'
224098.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
224198.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
224298.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd13270000 'C:\WINDOWS\system32\midimap.dll'
224398.1b08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
224498.1b08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
224598.1b08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd13270000 'C:\WINDOWS\system32\midimap.dll'
224698.768: supR3HardenedMonitor_LdrLoadDll: 'C:\WINDOWS\system32\comctl32.dll' -> 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [redir]
224798.768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [redoing WinVerifyTrust]
224898.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd190b0000 'C:\WINDOWS\system32\rsaenh.dll'
224998.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1a720000 'C:\WINDOWS\system32\crypt32.dll'
225098.768: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'
225198.768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll (Input=C:\WINDOWS\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
225298.768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd08060000 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'
2253d70.14c8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 959931 ms, the end);
225412e4.1a54: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 961024 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy