VirtualBox

Ticket #14848: VBoxHardening-2015-11-20-02-25-23.log

File VBoxHardening-2015-11-20-02-25-23.log, 312.7 KB (added by kingpoop, 9 years ago)

VBoxHardening Log

Line 
19b8.9bc: Log file opened: 5.0.8r103449 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
29b8.9bc: \SystemRoot\System32\ntdll.dll:
39b8.9bc: CreationTime: 2015-10-21T15:54:59.822143100Z
49b8.9bc: LastWriteTime: 2015-09-29T03:13:50.360140500Z
59b8.9bc: ChangeTime: 2015-10-21T19:20:03.875754100Z
69b8.9bc: FileAttributes: 0x20
79b8.9bc: Size: 0x1a67c0
89b8.9bc: NT Headers: 0xe0
99b8.9bc: Timestamp: 0x560a0083
109b8.9bc: Machine: 0x8664 - amd64
119b8.9bc: Timestamp: 0x560a0083
129b8.9bc: Image Version: 6.1
139b8.9bc: SizeOfImage: 0x1a9000 (1740800)
149b8.9bc: Resource Dir: 0x14d000 LB 0x5a028
159b8.9bc: ProductName: Microsoft® Windows® Operating System
169b8.9bc: ProductVersion: 6.1.7601.19018
179b8.9bc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
189b8.9bc: FileDescription: NT Layer DLL
199b8.9bc: \SystemRoot\System32\kernel32.dll:
209b8.9bc: CreationTime: 2015-10-21T15:54:59.026541700Z
219b8.9bc: LastWriteTime: 2015-09-29T03:10:53.725000000Z
229b8.9bc: ChangeTime: 2015-10-21T19:20:06.636958900Z
239b8.9bc: FileAttributes: 0x20
249b8.9bc: Size: 0x11c600
259b8.9bc: NT Headers: 0xe8
269b8.9bc: Timestamp: 0x560a0093
279b8.9bc: Machine: 0x8664 - amd64
289b8.9bc: Timestamp: 0x560a0093
299b8.9bc: Image Version: 6.1
309b8.9bc: SizeOfImage: 0x120000 (1179648)
319b8.9bc: Resource Dir: 0x117000 LB 0x528
329b8.9bc: ProductName: Microsoft® Windows® Operating System
339b8.9bc: ProductVersion: 6.1.7601.19018
349b8.9bc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
359b8.9bc: FileDescription: Windows NT BASE API Client DLL
369b8.9bc: \SystemRoot\System32\KernelBase.dll:
379b8.9bc: CreationTime: 2015-10-21T15:54:58.823741400Z
389b8.9bc: LastWriteTime: 2015-09-29T03:10:53.725000000Z
399b8.9bc: ChangeTime: 2015-10-21T19:20:06.683759000Z
409b8.9bc: FileAttributes: 0x20
419b8.9bc: Size: 0x67c00
429b8.9bc: NT Headers: 0xe8
439b8.9bc: Timestamp: 0x560a0094
449b8.9bc: Machine: 0x8664 - amd64
459b8.9bc: Timestamp: 0x560a0094
469b8.9bc: Image Version: 6.1
479b8.9bc: SizeOfImage: 0x6c000 (442368)
489b8.9bc: Resource Dir: 0x6a000 LB 0x530
499b8.9bc: ProductName: Microsoft® Windows® Operating System
509b8.9bc: ProductVersion: 6.1.7601.19018
519b8.9bc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
529b8.9bc: FileDescription: Windows NT BASE API Client DLL
539b8.9bc: \SystemRoot\System32\apisetschema.dll:
549b8.9bc: CreationTime: 2015-10-21T15:54:57.762939500Z
559b8.9bc: LastWriteTime: 2015-09-29T03:01:17.376000000Z
569b8.9bc: ChangeTime: 2015-10-21T19:20:03.688553700Z
579b8.9bc: FileAttributes: 0x20
589b8.9bc: Size: 0x1a00
599b8.9bc: NT Headers: 0xc0
609b8.9bc: Timestamp: 0x5609ff3b
619b8.9bc: Machine: 0x8664 - amd64
629b8.9bc: Timestamp: 0x5609ff3b
639b8.9bc: Image Version: 6.1
649b8.9bc: SizeOfImage: 0x50000 (327680)
659b8.9bc: Resource Dir: 0x30000 LB 0x3f8
669b8.9bc: ProductName: Microsoft® Windows® Operating System
679b8.9bc: ProductVersion: 6.1.7601.19018
689b8.9bc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
699b8.9bc: FileDescription: ApiSet Schema DLL
709b8.9bc: supR3HardenedWinFindAdversaries: 0x0
719b8.9bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\VirtualBox'
729b8.9bc: Calling main()
739b8.9bc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
749b8.9bc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\VirtualBox'
759b8.9bc: SUPR3HardenedMain: Respawn #1
769b8.9bc: System32: \Device\HarddiskVolume1\Windows\System32
779b8.9bc: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
789b8.9bc: KnownDllPath: C:\Windows\system32
799b8.9bc: '\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe' has no imports
809b8.9bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe)
819b8.9bc: supR3HardNtEnableThreadCreation:
829b8.9bc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f6b630 pvNtTerminateThread=0000000076f8dee0
839b8.9bc: supR3HardenedWinDoReSpawn(1): New child 9c0.9c4 [kernel32].
849b8.9bc: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380
859b8.9bc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076f40000 uNtDllChildAddr=0000000076f40000
869b8.9bc: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076f6b630
879b8.9bc: supR3HardenedWinSetupChildInit: Start child.
889b8.9bc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
899b8.9bc: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps
909b8.9bc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
919b8.9bc: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
929b8.9bc: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
939b8.9bc: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
949b8.9bc: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
959b8.9bc: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
969b8.9bc: 0000000000041000-fffffffffffe1fff 0x0001/0x0000 0x0000000
979b8.9bc: *00000000000a0000-fffffffffffa3fff 0x0000/0x0004 0x0020000
989b8.9bc: 000000000019c000-0000000000198fff 0x0104/0x0004 0x0020000
999b8.9bc: 000000000019f000-000000000019dfff 0x0004/0x0004 0x0020000
1009b8.9bc: 00000000001a0000-ffffffff893fffff 0x0001/0x0000 0x0000000
1019b8.9bc: *0000000076f40000-0000000076f40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1029b8.9bc: 0000000076f41000-000000007703efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1039b8.9bc: 000000007703f000-000000007706dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1049b8.9bc: 000000007706e000-0000000077075fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1059b8.9bc: 0000000077076000-0000000077076fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1069b8.9bc: 0000000077077000-0000000077079fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1079b8.9bc: 000000007707a000-00000000770e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1089b8.9bc: 00000000770e9000-000000006f1f1fff 0x0001/0x0000 0x0000000
1099b8.9bc: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1109b8.9bc: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1119b8.9bc: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1129b8.9bc: 000000007fff0000-ffffffffc013ffff 0x0001/0x0000 0x0000000
1139b8.9bc: *000000013fea0000-000000013fea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1149b8.9bc: 000000013fea1000-000000013ff27fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1159b8.9bc: 000000013ff28000-000000013ff28fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1169b8.9bc: 000000013ff29000-000000013ff73fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1179b8.9bc: 000000013ff74000-000000013ff74fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1189b8.9bc: 000000013ff75000-000000013ff75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1199b8.9bc: 000000013ff76000-000000013ff7afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1209b8.9bc: 000000013ff7b000-000000013ff7bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1219b8.9bc: 000000013ff7c000-000000013ff7cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1229b8.9bc: 000000013ff7d000-000000013ff80fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1239b8.9bc: 000000013ff81000-000000013ffcbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
1249b8.9bc: 000000013ffcc000-fffff80380d37fff 0x0001/0x0000 0x0000000
1259b8.9bc: *000007feff260000-000007feff260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
1269b8.9bc: 000007feff261000-000007fdfe511fff 0x0001/0x0000 0x0000000
1279b8.9bc: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1289b8.9bc: *000007fffffd3000-000007fffffd1fff 0x0004/0x0004 0x0020000
1299b8.9bc: 000007fffffd4000-000007fffffc9fff 0x0001/0x0000 0x0000000
1309b8.9bc: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
1319b8.9bc: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1329b8.9bc: apisetschema.dll: timestamp 0x5609ff3b (rc=VINF_SUCCESS)
1339b8.9bc: VirtualBox.exe: timestamp 0x561faefe (rc=VINF_SUCCESS)
1349b8.9bc: '\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe' has no imports
1359b8.9bc: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
1369b8.9bc: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
1379b8.9bc: supR3HardNtChildPurify: Done after 296 ms and 0 fixes (loop #0).
1389c0.9c4: Log file opened: 5.0.8r103449 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
1399c0.9c4: supR3HardenedVmProcessInit: uNtDllAddr=0000000076f40000
1409c0.9c4: ntdll.dll: timestamp 0x560a0083 (rc=VINF_SUCCESS)
1419c0.9c4: New simple heap: #1 00000000002a0000 LB 0x400000 (for 1740800 allocation)
1429b8.9bc: supR3HardNtEnableThreadCreation:
1439c0.9c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\VirtualBox'
1449c0.9c4: System32: \Device\HarddiskVolume1\Windows\System32
1459c0.9c4: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1469c0.9c4: KnownDllPath: C:\Windows\system32
1479c0.9c4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1489c0.9c4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1499c0.9c4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1509c0.9c4: Registered Dll notification callback with NTDLL.
1519c0.9c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
1529c0.9c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
1539c0.9c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1549c0.9c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1559c0.9c4: supR3HardenedDllNotificationCallback: load 0000000076e20000 LB 0x00120000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1569c0.9c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1579c0.9c4: supR3HardenedDllNotificationCallback: load 000007fefce30000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1589c0.9c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
1599c0.9c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
1609c0.9c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32\kernel32.dll'
1619c0.9c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f6b630 pvNtTerminateThread=0000000076f8dee0
1629b8.9bc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 47 ms.
1639c0.9c4: \SystemRoot\System32\ntdll.dll:
1649c0.9c4: CreationTime: 2015-10-21T15:54:59.822143100Z
1659c0.9c4: LastWriteTime: 2015-09-29T03:13:50.360140500Z
1669c0.9c4: ChangeTime: 2015-10-21T19:20:03.875754100Z
1679c0.9c4: FileAttributes: 0x20
1689c0.9c4: Size: 0x1a67c0
1699c0.9c4: NT Headers: 0xe0
1709c0.9c4: Timestamp: 0x560a0083
1719c0.9c4: Machine: 0x8664 - amd64
1729c0.9c4: Timestamp: 0x560a0083
1739c0.9c4: Image Version: 6.1
1749c0.9c4: SizeOfImage: 0x1a9000 (1740800)
1759c0.9c4: Resource Dir: 0x14d000 LB 0x5a028
1769c0.9c4: ProductName: Microsoft® Windows® Operating System
1779c0.9c4: ProductVersion: 6.1.7601.19018
1789c0.9c4: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
1799c0.9c4: FileDescription: NT Layer DLL
1809c0.9c4: \SystemRoot\System32\kernel32.dll:
1819c0.9c4: CreationTime: 2015-10-21T15:54:59.026541700Z
1829c0.9c4: LastWriteTime: 2015-09-29T03:10:53.725000000Z
1839c0.9c4: ChangeTime: 2015-10-21T19:20:06.636958900Z
1849c0.9c4: FileAttributes: 0x20
1859c0.9c4: Size: 0x11c600
1869c0.9c4: NT Headers: 0xe8
1879c0.9c4: Timestamp: 0x560a0093
1889c0.9c4: Machine: 0x8664 - amd64
1899c0.9c4: Timestamp: 0x560a0093
1909c0.9c4: Image Version: 6.1
1919c0.9c4: SizeOfImage: 0x120000 (1179648)
1929c0.9c4: Resource Dir: 0x117000 LB 0x528
1939c0.9c4: ProductName: Microsoft® Windows® Operating System
1949c0.9c4: ProductVersion: 6.1.7601.19018
1959c0.9c4: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
1969c0.9c4: FileDescription: Windows NT BASE API Client DLL
1979c0.9c4: \SystemRoot\System32\KernelBase.dll:
1989c0.9c4: CreationTime: 2015-10-21T15:54:58.823741400Z
1999c0.9c4: LastWriteTime: 2015-09-29T03:10:53.725000000Z
2009c0.9c4: ChangeTime: 2015-10-21T19:20:06.683759000Z
2019c0.9c4: FileAttributes: 0x20
2029c0.9c4: Size: 0x67c00
2039c0.9c4: NT Headers: 0xe8
2049c0.9c4: Timestamp: 0x560a0094
2059c0.9c4: Machine: 0x8664 - amd64
2069c0.9c4: Timestamp: 0x560a0094
2079c0.9c4: Image Version: 6.1
2089c0.9c4: SizeOfImage: 0x6c000 (442368)
2099c0.9c4: Resource Dir: 0x6a000 LB 0x530
2109c0.9c4: ProductName: Microsoft® Windows® Operating System
2119c0.9c4: ProductVersion: 6.1.7601.19018
2129c0.9c4: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
2139c0.9c4: FileDescription: Windows NT BASE API Client DLL
2149c0.9c4: \SystemRoot\System32\apisetschema.dll:
2159c0.9c4: CreationTime: 2015-10-21T15:54:57.762939500Z
2169c0.9c4: LastWriteTime: 2015-09-29T03:01:17.376000000Z
2179c0.9c4: ChangeTime: 2015-10-21T19:20:03.688553700Z
2189c0.9c4: FileAttributes: 0x20
2199c0.9c4: Size: 0x1a00
2209c0.9c4: NT Headers: 0xc0
2219c0.9c4: Timestamp: 0x5609ff3b
2229c0.9c4: Machine: 0x8664 - amd64
2239c0.9c4: Timestamp: 0x5609ff3b
2249c0.9c4: Image Version: 6.1
2259c0.9c4: SizeOfImage: 0x50000 (327680)
2269c0.9c4: Resource Dir: 0x30000 LB 0x3f8
2279c0.9c4: ProductName: Microsoft® Windows® Operating System
2289c0.9c4: ProductVersion: 6.1.7601.19018
2299c0.9c4: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
2309c0.9c4: FileDescription: ApiSet Schema DLL
2319c0.9c4: supR3HardenedWinFindAdversaries: 0x0
2329c0.9c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\VirtualBox'
2339c0.9c4: Calling main()
2349c0.9c4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2359c0.9c4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\VirtualBox'
2369c0.9c4: '\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe' has no imports
2379c0.9c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe)
2389c0.9c4: SUPR3HardenedMain: Respawn #2
2399c0.9c4: supR3HardNtEnableThreadCreation:
2409c0.9c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
2419c0.9c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2429c0.9c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2439c0.9c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2449c0.9c4: supR3HardenedDllNotificationCallback: load 000007fefcb20000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2459c0.9c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2469c0.9c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\Windows\system32\apphelp.dll'
2479c0.9c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f6b630 pvNtTerminateThread=0000000076f8dee0
2489c0.9c4: supR3HardenedWinDoReSpawn(2): New child 9c8.9cc [kernel32].
2499c0.9c4: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdb000 cbPeb=0x380
2509c0.9c4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076f40000 uNtDllChildAddr=0000000076f40000
2519c0.9c4: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076f6b630
2529c0.9c4: supR3HardenedWinSetupChildInit: Start child.
2539c0.9c4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2549c0.9c4: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps
2559c0.9c4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2569c0.9c4: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2579c0.9c4: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2589c0.9c4: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
2599c0.9c4: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
2609c0.9c4: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
2619c0.9c4: 0000000000041000-ffffffffffe71fff 0x0001/0x0000 0x0000000
2629c0.9c4: *0000000000210000-0000000000113fff 0x0000/0x0004 0x0020000
2639c0.9c4: 000000000030c000-0000000000308fff 0x0104/0x0004 0x0020000
2649c0.9c4: 000000000030f000-000000000030dfff 0x0004/0x0004 0x0020000
2659c0.9c4: 0000000000310000-ffffffff896dffff 0x0001/0x0000 0x0000000
2669c0.9c4: *0000000076f40000-0000000076f40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2679c0.9c4: 0000000076f41000-000000007703efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2689c0.9c4: 000000007703f000-000000007706dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2699c0.9c4: 000000007706e000-0000000077075fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2709c0.9c4: 0000000077076000-0000000077076fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2719c0.9c4: 0000000077077000-0000000077079fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2729c0.9c4: 000000007707a000-00000000770e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2739c0.9c4: 00000000770e9000-000000006f1f1fff 0x0001/0x0000 0x0000000
2749c0.9c4: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2759c0.9c4: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2769c0.9c4: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2779c0.9c4: 000000007fff0000-ffffffffc013ffff 0x0001/0x0000 0x0000000
2789c0.9c4: *000000013fea0000-000000013fea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2799c0.9c4: 000000013fea1000-000000013ff27fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2809c0.9c4: 000000013ff28000-000000013ff28fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2819c0.9c4: 000000013ff29000-000000013ff73fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2829c0.9c4: 000000013ff74000-000000013ff74fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2839c0.9c4: 000000013ff75000-000000013ff75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2849c0.9c4: 000000013ff76000-000000013ff7afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2859c0.9c4: 000000013ff7b000-000000013ff7bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2869c0.9c4: 000000013ff7c000-000000013ff7cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2879c0.9c4: 000000013ff7d000-000000013ff80fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2889c0.9c4: 000000013ff81000-000000013ffcbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\VirtualBox\VirtualBox.exe
2899c0.9c4: 000000013ffcc000-fffff80380d37fff 0x0001/0x0000 0x0000000
2909c0.9c4: *000007feff260000-000007feff260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
2919c0.9c4: 000007feff261000-000007fdfe511fff 0x0001/0x0000 0x0000000
2929c0.9c4: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2939c0.9c4: 000007fffffd3000-000007fffffcafff 0x0001/0x0000 0x0000000
2949c0.9c4: *000007fffffdb000-000007fffffd9fff 0x0004/0x0004 0x0020000
2959c0.9c4: 000007fffffdc000-000007fffffd9fff 0x0001/0x0000 0x0000000
2969c0.9c4: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2979c0.9c4: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2989c0.9c4: apisetschema.dll: timestamp 0x5609ff3b (rc=VINF_SUCCESS)
2999c0.9c4: VirtualBox.exe: timestamp 0x561faefe (rc=VINF_SUCCESS)
3009c0.9c4: '\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe' has no imports
3019c0.9c4: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
3029c0.9c4: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
3039c0.9c4: supR3HardNtChildPurify: Done after 296 ms and 0 fixes (loop #0).
3049c8.9cc: Log file opened: 5.0.8r103449 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
3059c8.9cc: supR3HardenedVmProcessInit: uNtDllAddr=0000000076f40000
3069c8.9cc: ntdll.dll: timestamp 0x560a0083 (rc=VINF_SUCCESS)
3079c8.9cc: New simple heap: #1 0000000000310000 LB 0x400000 (for 1740800 allocation)
3089c0.9c4: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002a0000 LB 0x400000)
3099c0.9c4: supR3HardNtEnableThreadCreation:
3109c8.9cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\VirtualBox'
3119c8.9cc: System32: \Device\HarddiskVolume1\Windows\System32
3129c8.9cc: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
3139c8.9cc: KnownDllPath: C:\Windows\system32
3149c8.9cc: supR3HardenedVmProcessInit: Opening vboxdrv...
3159c8.9cc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3169c8.9cc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3179c8.9cc: Registered Dll notification callback with NTDLL.
3189c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
3199c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
3209c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
3219c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3229c8.9cc: supR3HardenedDllNotificationCallback: load 0000000076e20000 LB 0x00120000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
3239c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3249c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefce30000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3259c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
3269c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
3279c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32\kernel32.dll'
3289c8.9cc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f6b630 pvNtTerminateThread=0000000076f8dee0
3299c0.9c4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 32 ms.
3309c8.9cc: \SystemRoot\System32\ntdll.dll:
3319c8.9cc: CreationTime: 2015-10-21T15:54:59.822143100Z
3329c8.9cc: LastWriteTime: 2015-09-29T03:13:50.360140500Z
3339c8.9cc: ChangeTime: 2015-10-21T19:20:03.875754100Z
3349c8.9cc: FileAttributes: 0x20
3359c8.9cc: Size: 0x1a67c0
3369c8.9cc: NT Headers: 0xe0
3379c8.9cc: Timestamp: 0x560a0083
3389c8.9cc: Machine: 0x8664 - amd64
3399c8.9cc: Timestamp: 0x560a0083
3409c8.9cc: Image Version: 6.1
3419c8.9cc: SizeOfImage: 0x1a9000 (1740800)
3429c8.9cc: Resource Dir: 0x14d000 LB 0x5a028
3439c8.9cc: ProductName: Microsoft® Windows® Operating System
3449c8.9cc: ProductVersion: 6.1.7601.19018
3459c8.9cc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
3469c8.9cc: FileDescription: NT Layer DLL
3479c8.9cc: \SystemRoot\System32\kernel32.dll:
3489c8.9cc: CreationTime: 2015-10-21T15:54:59.026541700Z
3499c8.9cc: LastWriteTime: 2015-09-29T03:10:53.725000000Z
3509c8.9cc: ChangeTime: 2015-10-21T19:20:06.636958900Z
3519c8.9cc: FileAttributes: 0x20
3529c8.9cc: Size: 0x11c600
3539c8.9cc: NT Headers: 0xe8
3549c8.9cc: Timestamp: 0x560a0093
3559c8.9cc: Machine: 0x8664 - amd64
3569c8.9cc: Timestamp: 0x560a0093
3579c8.9cc: Image Version: 6.1
3589c8.9cc: SizeOfImage: 0x120000 (1179648)
3599c8.9cc: Resource Dir: 0x117000 LB 0x528
3609c8.9cc: ProductName: Microsoft® Windows® Operating System
3619c8.9cc: ProductVersion: 6.1.7601.19018
3629c8.9cc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
3639c8.9cc: FileDescription: Windows NT BASE API Client DLL
3649c8.9cc: \SystemRoot\System32\KernelBase.dll:
3659c8.9cc: CreationTime: 2015-10-21T15:54:58.823741400Z
3669c8.9cc: LastWriteTime: 2015-09-29T03:10:53.725000000Z
3679c8.9cc: ChangeTime: 2015-10-21T19:20:06.683759000Z
3689c8.9cc: FileAttributes: 0x20
3699c8.9cc: Size: 0x67c00
3709c8.9cc: NT Headers: 0xe8
3719c8.9cc: Timestamp: 0x560a0094
3729c8.9cc: Machine: 0x8664 - amd64
3739c8.9cc: Timestamp: 0x560a0094
3749c8.9cc: Image Version: 6.1
3759c8.9cc: SizeOfImage: 0x6c000 (442368)
3769c8.9cc: Resource Dir: 0x6a000 LB 0x530
3779c8.9cc: ProductName: Microsoft® Windows® Operating System
3789c8.9cc: ProductVersion: 6.1.7601.19018
3799c8.9cc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
3809c8.9cc: FileDescription: Windows NT BASE API Client DLL
3819c8.9cc: \SystemRoot\System32\apisetschema.dll:
3829c8.9cc: CreationTime: 2015-10-21T15:54:57.762939500Z
3839c8.9cc: LastWriteTime: 2015-09-29T03:01:17.376000000Z
3849c8.9cc: ChangeTime: 2015-10-21T19:20:03.688553700Z
3859c8.9cc: FileAttributes: 0x20
3869c8.9cc: Size: 0x1a00
3879c8.9cc: NT Headers: 0xc0
3889c8.9cc: Timestamp: 0x5609ff3b
3899c8.9cc: Machine: 0x8664 - amd64
3909c8.9cc: Timestamp: 0x5609ff3b
3919c8.9cc: Image Version: 6.1
3929c8.9cc: SizeOfImage: 0x50000 (327680)
3939c8.9cc: Resource Dir: 0x30000 LB 0x3f8
3949c8.9cc: ProductName: Microsoft® Windows® Operating System
3959c8.9cc: ProductVersion: 6.1.7601.19018
3969c8.9cc: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507)
3979c8.9cc: FileDescription: ApiSet Schema DLL
3989c8.9cc: supR3HardenedWinFindAdversaries: 0x0
3999c8.9cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\VirtualBox'
4009c8.9cc: Calling main()
4019c8.9cc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4029c8.9cc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\VirtualBox'
4039c8.9cc: '\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe' has no imports
4049c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VirtualBox.exe)
4059c8.9cc: SUPR3HardenedMain: Final process, opening VBoxDrv...
4069c8.9cc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000310000 LB 0x400000)
4079c8.9cc: supR3HardNtEnableThreadCreation:
4089c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll)
4099c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll
4109c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863bc0:C:\Windows\system32 [calling]
4119c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4129c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef69a0000 LB 0x00005000 C:\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4139c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4149c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4159c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
4169c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef69a0000 'C:\VirtualBox\VBoxSupLib.DLL'
4179c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4189c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
4199c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef69a0000 'C:\VirtualBox\VBoxSupLib.DLL'
4209c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef69a0000 'C:\VirtualBox\VBoxSupLib.DLL'
4219c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4229c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
4239c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4249c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4259c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
4269c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
4279c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4289c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4299c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
4309c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
4319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4339c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
4349c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
4359c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4369c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4379c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4389c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4399c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
4409c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
4419c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4429c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4439c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
4449c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
4459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4479c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4489c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4499c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4509c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4519c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863bc0:C:\Windows\system32 [calling]
4529c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4539c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcd20000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
4549c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4559c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd8e0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4569c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4579c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcef0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
4589c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4599c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefccf0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
4609c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4619c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd7b0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4629c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4639c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd20000 'C:\Windows\system32\Wintrust.dll'
4649c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
4659c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
4669c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d8e90:C:\Windows\system32 [calling]
4679c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4689c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefc630000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
4699c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4709c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc630000 'C:\Windows\system32\bcrypt.dll'
4719c8.9cc: bcrypt.dll loaded at 000007fefc630000, BCryptOpenAlgorithmProvider at 000007fefc632640, preloading providers:
4729c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
4739c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
4749c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
4759c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
4769c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
4779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
4789c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4799c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4809c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4819c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4829c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4839c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
4849c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
4859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4879c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4909c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4919c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
4929c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4939c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefc120000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
4949c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4959c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefde50000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
4969c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4979c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4989c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4999c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
5009c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
5019c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd0a0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
5029c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
5039c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc120000 'C:\Windows\system32\bcryptprimitives.dll'
5049c8.9cc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000008dbc00)
5059c8.9cc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000008dc4f0)
5069c8.9cc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000008dc610)
5079c8.9cc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000008dc820)
5089c8.9cc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000008dc940)
5099c8.9cc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000008dca60)
5109c8.9cc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000008dcca0)
5119c8.9cc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000008dcdc0)
5129c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
5139c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
5149c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5159c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5169c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5199c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5209c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5219c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5229c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefc4e0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
5239c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5249c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4e0000 'C:\Windows\system32\CRYPTSP.dll'
5259c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5269c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
5279c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
5289c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5299c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5309c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5319c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5329c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5339c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefc1e0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
5349c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5359c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc1e0000 'C:\Windows\system32\rsaenh.dll'
5369c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5379c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5389c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde50000 'C:\Windows\system32\ADVAPI32.dll'
5399c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
5409c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
5419c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5429c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5439c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcb80000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
5449c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5459c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb80000 'C:\Windows\system32\CRYPTBASE.dll'
5469c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5479c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5489c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32\kernel32.dll'
5499c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5509c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5519c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd20000 'C:\Windows\system32\WINTRUST.DLL'
5529c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5539c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5549c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\CRYPT32.dll'
5559c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5569c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
5579c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
5589c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
5599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
5609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
5619c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5629c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5639c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5649c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5659c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5669c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5679c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefe1a0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
5689c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5699c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1a0000 'C:\Windows\system32\imagehlp.dll'
5709c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5719c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
5729c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4e0000 'C:\Windows\system32\CRYPTSP.dll'
5739c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
5749c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
5759c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
5769c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5789c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
5799c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
5809c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
5819c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
5829c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
5839c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
5849c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
5859c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
5869c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
5879c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
5889c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
5899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5909c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5919c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5929c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
5939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
5949c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5959c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
5969c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
5979c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
5989c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
5999c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6009c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6019c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6029c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6039c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6049c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6059c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6069c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6079c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6089c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6109c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6119c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6129c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6139c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6149c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
6159c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6169c8.9cc: supR3HardenedDllNotificationCallback: load 0000000076d20000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
6179c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6189c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd0c0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
6199c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6209c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd400000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
6219c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
6229c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefef50000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
6239c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
6249c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6259c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
6269c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\Windows\system32\gdi32.dll'
6279c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
6289c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
6299c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
6309c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
6319c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
6329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
6339c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
6349c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6359c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
6369c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
6379c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
6389c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
6399c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
6409c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6419c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6429c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6439c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6449c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6459c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
6479c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
6489c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6499c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6509c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6519c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6529c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6539c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6549c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6559c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6569c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6579c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6589c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
6599c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6609c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefde20000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
6619c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6629c8.9cc: supR3HardenedDllNotificationCallback: load 000007feff020000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
6639c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
6649c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde20000 'C:\Windows\system32\IMM32.DLL'
6659c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d20000 'C:\Windows\system32\USER32.dll'
6669c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
6679c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6689c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
6699c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
6709c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
6719c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6729c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
6739c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6749c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6759c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6769c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6789c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6799c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6809c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
6819c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6829c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefc660000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
6839c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6849c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc660000 'C:\Windows\system32\ncrypt.dll'
6859c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6869c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
6879c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc630000 'C:\Windows\system32\bcrypt.dll'
6889c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6899c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
6909c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
6919c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
6929c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
6939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
6949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
6959c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6969c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
6979c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
6989c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6999c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7009c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7019c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7029c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7039c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7049c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7059c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7069c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7079c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7089c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
7099c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcea0000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
7109c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
7119c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcce0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
7129c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
7139c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcea0000 'C:\Windows\system32\USERENV.dll'
7149c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7159c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7169c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7179c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7189c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7199c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
7209c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
7219c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
7229c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7239c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7249c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7259c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7269c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7279c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7289c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7299c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7309c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefbf90000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
7319c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7329c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf90000 'C:\Windows\system32\GPAPI.dll'
7339c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7349c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
7359c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7369c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7379c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7b0000 'C:\Windows\system32\rpcrt4.dll'
7389c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7399c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
7409c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7419c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7429c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7439c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
7449c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
7459c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
7469c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
7479c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
7489c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
7499c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
7509c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7519c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
7529c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
7539c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7549c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7559c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7569c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7579c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
7589c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7619c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7629c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7639c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7649c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7659c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7669c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7679c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefa2b0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
7689c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7699c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd980000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
7709c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
7719c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7729c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7739c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7749c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7759c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7769c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7779c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7789c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7799c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7809c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7819c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7829c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7839c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7849c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7859c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7869c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7879c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
7889c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7899c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7909c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7919c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7929c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7939c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7949c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7959c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7969c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7979c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7989c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
7999c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
8009c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8019c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
8029c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8039c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8049c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
8059c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8069c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcce0000 'C:\Windows\system32\profapi.dll'
8079c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
8089c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
8099c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8109c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
8119c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
8129c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8139c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8149c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8159c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8169c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8179c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
8189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8199c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8209c8.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8219c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8229c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8239c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefdda0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
8249c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8259c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdda0000 'C:\Windows\system32\SHLWAPI.dll'
8269c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8279c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000942320
8289c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8299c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=85117854EF22A1DA4344F7E4F859BAA635D2AA8B
8309c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8319c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8329c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8339c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
8349c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8359c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
8369c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8379c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8389c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde50000 'C:\Windows\system32\ADVAPI32.dll'
8399c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8409c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8419c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
8429c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8439c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\SystemRoot\System32\ntdll.dll'
8449c8.9cc: g_pfnWinVerifyTrust=000007fefcd21010
8459c8.9cc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8469c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
8479c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8489c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8499c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
8509c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
8519c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8529c8.9cc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
8539c8.9cc: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8549c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
8559c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8569c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8579c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
8589c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
8599c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8609c8.9cc: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
8619c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003bc pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
8629c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8639c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8649c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8659c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
8669c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8679c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
8689c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b0 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
8699c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8709c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8719c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
8729c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
8739c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8749c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
8759c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ac pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
8769c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8779c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8789c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=756DC088EE40CF9369C990D71B200F3CB59FC35D
8799c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
8809c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8819c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
8829c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000268 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
8839c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8849c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8859c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
8869c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
8879c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8889c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
8899c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
8909c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8919c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8929c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
8939c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
8949c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8959c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
8969c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
8979c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
8989c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
8999c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9009c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
9019c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9029c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
9039c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001bc pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
9049c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9059c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9069c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B14AB09D49E564708CBA61FF1ED1395291E4099F
9079c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
9089c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9099c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
9109c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
9119c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9129c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9139c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
9149c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
9159c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9169c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
9179c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
9189c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9199c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9209c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
9229c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9239c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
9249c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
9259c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9269c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9279c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9289c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
9299c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9309c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
9319c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
9329c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9339c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9349c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FDBA63132AE4F561C5CFC5478222E40A2DAA2ACC
9359c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
9369c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9379c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
9389c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
9399c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9409c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9419c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB178841F5FFC6B05E668168217B0AC222A62955
9429c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
9439c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9449c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
9459c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
9469c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9479c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9489c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
9499c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
9509c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9519c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
9529c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
9539c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9549c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9559c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
9569c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
9579c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9589c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
9599c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
9609c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9619c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9629c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=18061B8DD77D40456B4F1A985E3CCE3B3D0717E9
9639c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
9649c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9659c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
9669c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
9679c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
9689c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9699c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9709c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
9719c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
9729c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9739c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
9749c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
9759c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9769c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9779c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
9789c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
9799c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9809c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
9819c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
9829c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9839c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9849c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D58A667BECF67ECC76D4BEEDB96E9F1960013145
9859c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
9869c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9879c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
9889c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
9899c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
9909c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9919c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9929c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9939c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
9949c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9959c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
9969c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
9979c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
9989c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
9999c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10009c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
10019c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10029c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
10039c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
10049c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10059c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10069c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10079c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
10089c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10099c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
10109c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
10119c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10129c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10139c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DC420A72AECF0703368F847486335B10EB9EA5DA
10149c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
10159c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10169c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
10179c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\VirtualBox\VBoxSupLib.dll'
10189c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
10199c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10209c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B560E988F8ADAD80A492617E91EB7441817AAF3
10229c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
10239c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10249c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
10259c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
10269c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10279c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10289c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CFE27198241A5A8ECD7031A8E5A9BBA1A67C8E4A
10299c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
10309c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10319c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
10329c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
10339c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000074e9e0:C:\Windows\system32 [calling]
10349c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\crypt32.dll'
10359c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
10369c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
10379c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
10389c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
10399c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
10409c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
10419c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
10429c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
10439c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
10449c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
10459c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
10469c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
10479c8.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
10489c8.9cc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=13
10499c8.9cc: SUPR3HardenedMain: Load Runtime...
10509c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10519c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
10529c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
10539c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
10549c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxRT.dll) WinVerifyTrust
10559c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
10569c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10579c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10589c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
10599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
10609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
10619c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000464 pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
10629c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10639c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10649c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
10659c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
10669c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10679c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10689c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
10699c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
10709c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
10719c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
10729c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
10739c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
10749c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10759c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\msvcp100.dll) WinVerifyTrust
10769c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
10779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10789c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10799c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\msvcr100.dll) WinVerifyTrust
10809c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
10819c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10829c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10839c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
10849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
10859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
10869c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000043c pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
10879c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
10889c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
10899c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
10909c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
10919c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10929c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
10939c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
10949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10959c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10969c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
10979c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10989c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10999c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
11009c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d650:C:\VirtualBox;C:\Windows\system32 [calling]
11019c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11029c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef62f0000 LB 0x0055f000 C:\VirtualBox\VBoxRT.dll [fFlags=0x0]
11039c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11049c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
11059c8.9cc: supR3HardenedDllNotificationCallback: load 0000000074950000 LB 0x000d2000 C:\VirtualBox\MSVCR100.dll [fFlags=0x0]
11069c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
11079c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
11089c8.9cc: supR3HardenedDllNotificationCallback: load 00000000748b0000 LB 0x00098000 C:\VirtualBox\MSVCP100.dll [fFlags=0x0]
11099c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
11109c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd310000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
11119c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
11129c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd9e0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
11139c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
11149c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11159c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11169c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11179c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11189c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11199c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11209c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11219c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11229c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11239c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11249c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11259c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11269c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11279c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11289c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11299c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11309c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11319c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11329c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11339c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11349c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11359c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11369c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11379c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11389c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11399c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11409c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11419c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11429c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11439c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11449c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11459c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11469c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11479c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11489c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11499c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11509c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11519c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11529c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11539c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11549c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11559c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11569c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11579c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxRT.dll
11589c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000863fe0:C:\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\VirtualBox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ [calling]
11599c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11609c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11619c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11629c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef62f0000 'C:\VirtualBox\VBoxRT.dll'
11639c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
11649c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c41c0:C:\Windows\system32 [calling]
11659c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd20000 'C:\Windows\system32\Wintrust.dll'
11669c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
11679c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007c41c0:C:\Windows\system32 [calling]
11689c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\crypt32.dll'
11699c8.9cc: SUPR3HardenedMain: Load TrustedMain...
11709c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11719c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
11729c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
11739c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
11749c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
11759c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
11769c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
11779c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
11789c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
11799c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
11809c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
11819c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
11829c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
11839c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
11849c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
11859c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
11869c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VirtualBox.dll) WinVerifyTrust
11879c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VirtualBox.dll
11889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
11899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
11909c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b8 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
11919c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
11929c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
11939c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
11949c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
11959c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11969c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
11979c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
11989c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
11999c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
12009c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
12019c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
12029c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000498 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
12039c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
12049c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
12059c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
12069c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
12079c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12089c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12099c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
12109c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
12119c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
12129c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
12139c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
12149c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
12159c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
12169c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12189c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ac pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
12199c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
12209c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
12219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8A837B0D823EB506C6A4C447C1962174D27ED954
12229c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
12239c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12249c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
12259c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
12269c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
12279c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
12289c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
12299c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll) WinVerifyTrust
12309c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
12319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12339c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c4 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
12349c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
12359c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
12369c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E93C1851E5754D607F55581B4DE2A30B711C830
12379c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
12389c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12399c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12409c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
12419c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
12429c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
12439c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ole32.dll) WinVerifyTrust
12449c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
12459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12479c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
12489c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
12499c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
12509c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB4A0D952E568C1E85DCE662F9A066FFB2E6CE84
12519c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
12529c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12539c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12549c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
12559c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
12569c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
12579c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
12589c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
12599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12619c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
12629c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12639c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12649c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
12659c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12669c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12679c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
12689c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
12699c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
12709c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
12719c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
12729c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
12739c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
12749c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
12759c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
12769c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\QtOpenGLVBox4.dll
12779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
12789c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
12799c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
12809c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
12819c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
12829c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\QtNetworkVBox4.dll) WinVerifyTrust
12839c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\QtNetworkVBox4.dll
12849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
12859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
12869c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
12879c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
12889c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
12899c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
12909c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
12919c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
12929c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
12939c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
12949c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
12959c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
12969c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
12979c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
12989c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
12999c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\QtGuiVBox4.dll) WinVerifyTrust
13009c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\QtGuiVBox4.dll
13019c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13029c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13039c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13049c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
13059c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
13069c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
13079c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13089c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13099c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll) WinVerifyTrust
13109c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
13119c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13129c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13139c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
13149c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13159c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13169c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
13179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
13189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
13199c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13209c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
13229c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
13239c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
13249c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
13259c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
13269c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13279c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13289c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
13299c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
13309c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
13319c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
13329c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
13339c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
13349c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
13359c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13369c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13379c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
13389c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
13399c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004fc pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
13409c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
13419c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
13429c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
13439c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
13449c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13459c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13469c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13479c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
13489c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
13499c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
13509c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
13519c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
13529c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
13539c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
13549c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
13559c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f4 pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
13569c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
13579c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
13589c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
13599c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
13609c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13619c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13629c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
13639c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13649c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
13659c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
13669c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13679c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13689c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13699c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13709c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
13719c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13729c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13739c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13749c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13759c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
13769c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13789c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
13799c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13809c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13819c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
13829c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13839c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13849c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
13859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13879c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
13889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13909c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13919c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13929c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
13939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13959c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
13969c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13979c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13989c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
13999c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14009c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14019c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
14029c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14039c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14049c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14059c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14069c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14079c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14089c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
14099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
14109c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
14119c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
14129c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
14139c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
14149c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
14159c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
14169c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14179c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14189c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
14199c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
14209c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
14219c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
14229c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
14239c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
14249c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
14259c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
14269c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
14279c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
14289c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14299c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
14309c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
14319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
14329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
14339c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
14349c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14359c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14369c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14379c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14389c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
14399c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
14409c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
14419c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
14429c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14439c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14449c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
14459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14479c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
14489c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
14499c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
14509c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
14519c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
14529c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume1\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
14539c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtGuiVBox4.dll
14549c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14559c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14569c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14579c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14589c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14609c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
14619c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14629c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14639c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14649c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14659c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
14669c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
14679c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
14689c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14699c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14709c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14719c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14729c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14739c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14749c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14759c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14769c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14789c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14799c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14809c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14819c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14829c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
14839c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14879c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14899c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
14909c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14919c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14929c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
14939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
14949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
14959c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000518 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
14969c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
14979c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
14989c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
14999c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
15009c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15019c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
15029c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15039c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
15049c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
15059c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
15069c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15079c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15089c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15109c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
15119c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
15129c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
15139c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15149c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15159c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15169c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15199c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15209c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15219c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15229c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15239c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
15249c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15259c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15269c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15279c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15289c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15299c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15309c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15339c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15349c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15359c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15369c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
15379c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15389c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15399c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
15409c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
15419c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
15429c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
15439c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
15449c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F3F3D4867E9140896E0742D7EE8AE1D01FE85ECE
15459c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
15469c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15479c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15489c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15499c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15509c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
15519c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
15529c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
15539c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
15549c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
15559c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
15569c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
15579c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
15589c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
15599c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15609c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
15619c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
15629c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
15639c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
15649c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
15659c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
15669c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
15679c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll) WinVerifyTrust
15689c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
15699c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15709c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15719c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
15729c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
15739c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
15749c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
15759c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
15769c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=779E327CA47BE9830D08A18EEDE8A70C3A978A3B
15779c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
15789c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15799c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15809c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
15819c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
15829c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
15839c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
15849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15879c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15909c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15919c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15929c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
15959c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
15969c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000530 pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
15979c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
15989c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
15999c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
16009c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
16019c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16029c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16039c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
16049c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\devobj.dll) WinVerifyTrust
16059c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
16069c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16079c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16089c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
16099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16109c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16119c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16129c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16139c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16149c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16159c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16169c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
16189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
16199c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000524 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
16209c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
16219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
16229c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
16239c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
16249c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16259c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16269c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
16279c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
16289c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll) WinVerifyTrust
16299c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
16309c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16329c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16339c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16349c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16359c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16369c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16379c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16389c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16399c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16409c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16419c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16429c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
16439c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
16449c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
16459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16479c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
16489c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VirtualBox.dll
16499c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef5830000 LB 0x00ab9000 C:\VirtualBox\VirtualBox.dll [fFlags=0x0]
16509c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VirtualBox.dll
16519c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
16529c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef5710000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
16539c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
16549c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
16559c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef6970000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
16569c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
16579c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
16589c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef5610000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
16599c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
16609c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
16619c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef5600000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
16629c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
16639c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd130000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
16649c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
16659c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd060000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
16669c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
16679c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd9f0000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
16689c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
16699c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd5a0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
16709c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
16719c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcec0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
16729c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\devobj.dll
16739c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
16749c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefae90000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
16759c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
16769c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
16779c8.9cc: supR3HardenedDllNotificationCallback: load 00000000745d0000 LB 0x002de000 C:\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
16789c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtCoreVBox4.dll
16799c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtGuiVBox4.dll
16809c8.9cc: supR3HardenedDllNotificationCallback: load 0000000073c60000 LB 0x0096c000 C:\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
16819c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtGuiVBox4.dll
16829c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
16839c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
16849c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
16859c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
16869c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
16879c8.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
16889c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
16899c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef5560000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
16909c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
16919c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefe1c0000 LB 0x00d89000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
16929c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
16939c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
16949c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef7710000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
16959c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
16969c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
16979c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef9130000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
16989c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
16999c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtNetworkVBox4.dll
17009c8.9cc: supR3HardenedDllNotificationCallback: load 0000000073b50000 LB 0x00105000 C:\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
17019c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtNetworkVBox4.dll
17029c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtOpenGLVBox4.dll
17039c8.9cc: supR3HardenedDllNotificationCallback: load 0000000073a70000 LB 0x000dc000 C:\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
17049c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\QtOpenGLVBox4.dll
17059c8.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
17069c8.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
17079c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
17089c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17109c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17119c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17129c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17139c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17149c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d6b0:C:\VirtualBox;C:\Windows\system32 [calling]
17159c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde20000 'C:\Windows\system32\imm32.dll'
17169c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5830000 'C:\VirtualBox\VirtualBox.dll'
17179c8.9cc: SUPR3HardenedMain: Calling TrustedMain (000007fef58310d0)...
17189c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
17199c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17209c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7710000 'C:\Windows\system32\winmm.dll'
17219c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
17229c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17239c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb80000 'C:\Windows\system32\CRYPTBASE.dll'
17249c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
17259c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17269c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1c0000 'C:\Windows\system32\shell32.dll'
17279c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
17289c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17299c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32\kernel32.dll'
17309c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005dc pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17319c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
17329c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
17339c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
17349c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
17359c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17369c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17379c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
17389c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
17399c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
17409c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17419c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17429c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17439c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17449c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17479c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17489c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17499c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefb570000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
17509c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17519c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Windows\system32\uxtheme.dll'
17529c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17539c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17549c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Windows\system32\uxtheme.dll'
17559c8.9cc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
17569c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17579c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
17589c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d20000 'C:\Windows\system32\user32.dll'
17599c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
17609c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17619c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Windows\system32\uxtheme.dll'
17629c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d20000 'C:\Windows\system32\user32.dll'
17639c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde50000 'C:\Windows\system32\advapi32.dll'
17649c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
17659c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17669c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcea0000 'C:\Windows\system32\userenv.dll'
17679c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
17689c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
17699c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32\kernel32.dll'
17709c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000620 pwszName=\Device\HarddiskVolume1\Windows\System32\clbcatq.dll
17719c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
17729c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
17739c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
17749c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\clbcatq.dll'
17759c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17769c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17779c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
17789c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
17799c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17809c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
17819c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
17829c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll) WinVerifyTrust
17839c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
17849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17879c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17889c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
17899c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17909c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17919c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17929c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17939c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17949c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17959c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
17969c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17979c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17989c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
17999c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d470:C:\VirtualBox;C:\Windows\system32 [calling]
18009c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
18019c8.9cc: supR3HardenedDllNotificationCallback: load 000007feff130000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
18029c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
18039c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'C:\Windows\system32\CLBCatQ.DLL'
18049c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde50000 'C:\Windows\system32\ADVAPI32.dll'
18059c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
18069c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d770:C:\VirtualBox;C:\Windows\system32 [calling]
18079c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4e0000 'C:\Windows\system32\CRYPTSP.dll'
18089c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000644 pwszName=\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
18099c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
18109c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
18119c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
18129c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll'
18139c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18149c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
18159c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
18169c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
18179c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18189c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18199c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091d770:C:\VirtualBox;C:\Windows\system32 [calling]
18209c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
18219c8.9cc: supR3HardenedDllNotificationCallback: load 000007fefcc30000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
18229c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
18239c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc30000 'C:\Windows\system32\RpcRtRemote.dll'
18249c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
18259c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
18269c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
18279c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
18289c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
18299c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
18309c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
18319c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
18329c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
18339c8.9f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxC.dll) WinVerifyTrust
18349c8.9f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxC.dll
18359c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18369c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18379c8.9f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
18389c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18399c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18409c8.9f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
18419c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18429c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18439c8.9f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
18449c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
18459c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
18469c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000688 pwszName=\Device\HarddiskVolume1\Windows\System32\version.dll
18479c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
18489c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
18499c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
18509c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\version.dll'
18519c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18529c8.9f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
18539c8.9f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\version.dll) WinVerifyTrust
18549c8.9f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\version.dll
18559c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18569c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18579c8.9f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
18589c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
18599c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
18609c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
18619c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
18629c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000069c pwszName=\Device\HarddiskVolume1\Windows\System32\psapi.dll
18639c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
18649c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
18659c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
18669c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\psapi.dll'
18679c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18689c8.9f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\psapi.dll) WinVerifyTrust
18699c8.9f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\psapi.dll
18709c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
18719c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
18729c8.9f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
18739c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18749c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18759c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18769c8.9f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18779c8.9f0: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000090f970:C:\VirtualBox;C:\VirtualBox;C:\Windows\system32 [calling]
18789c8.9f0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxC.dll
18799c8.9f0: supR3HardenedDllNotificationCallback: load 000007fef4f80000 LB 0x005d6000 C:\VirtualBox\VBoxC.dll [fFlags=0x0]
18809c8.9f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxC.dll
18819c8.9f0: supR3HardenedDllNotificationCallback: load 0000000077110000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
18829c8.9f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\psapi.dll
18839c8.9f0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
18849c8.9f0: supR3HardenedDllNotificationCallback: load 000007fefbdc0000 LB 0x0000c000 C:\Windows\system32\VERSION.dll [fFlags=0x0]
18859c8.9f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
18869c8.9f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4f80000 'C:\VirtualBox\VBoxC.dll'
18879c8.9f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
18889c8.9f0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000915160:C:\Windows\system32;C:\VirtualBox;C:\Windows\system32 [calling]
18899c8.9f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\oleaut32.dll'
18909c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000690 pwszName=\Device\HarddiskVolume1\Windows\System32\sxs.dll
18919c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
18929c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
18939c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
18949c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\sxs.dll'
18959c8.9f0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18969c8.9f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\sxs.dll) WinVerifyTrust
18979c8.9f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sxs.dll
18989c8.9f0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091da70:C:\VirtualBox;C:\Windows\system32 [calling]
18999c8.9f0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\sxs.dll
19009c8.9f0: supR3HardenedDllNotificationCallback: load 000007fefcb90000 LB 0x00091000 C:\Windows\system32\SXS.DLL [fFlags=0x0]
19019c8.9f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\sxs.dll
19029c8.9f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb90000 'C:\Windows\system32\SXS.DLL'
19039c8.9f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde50000 'C:\Windows\system32\ADVAPI32.dll'
19049c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
19059c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000091da70:C:\VirtualBox;C:\Windows\system32 [calling]
19069c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
19079c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\Windows\system32\gdi32.dll'
19089c8.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19099c8.9f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
19109c8.9f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
19119c8.9f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
19129c8.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19139c8.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19149c8.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19159c8.9f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19169c8.9f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c4080:C:\VirtualBox;C:\Windows\system32 [calling]
19179c8.9f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
19189c8.9f8: supR3HardenedDllNotificationCallback: load 000007fef4c50000 LB 0x0000d000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
19199c8.9f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
19209c8.9f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4c50000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
19219c8.9cc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
19229c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c42c0:C:\VirtualBox;C:\Windows\system32 [calling]
19239c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
19249c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d20000 'C:\Windows\system32\user32.dll'
19259c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
19269c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c42c0:C:\VirtualBox;C:\Windows\system32 [calling]
19279c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1c0000 'C:\Windows\system32\shell32.dll'
19289c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
19299c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c4d40:C:\VirtualBox;C:\Windows\system32 [calling]
19309c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5a0000 'C:\Windows\system32\ole32.dll'
19319c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
19329c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c4bc0:C:\VirtualBox;C:\Windows\system32 [calling]
19339c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5a0000 'C:\Windows\system32\ole32.dll'
19349c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
19359c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c4bc0:C:\VirtualBox;C:\Windows\system32 [calling]
19369c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
19379c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad0 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
19389c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
19399c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
19409c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
19419c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll'
19429c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19439c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19449c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
19459c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
19469c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
19479c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
19489c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
19499c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
19509c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
19519c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
19529c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
19539c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
19549c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19559c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19569c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19579c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19589c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19599c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
19619c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
19629c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab8 pwszName=\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
19639c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
19649c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
19659c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
19669c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll'
19679c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19689c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19699c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
19709c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
19719c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19729c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
19739c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll) WinVerifyTrust
19749c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
19759c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19769c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19779c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
19789c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
19799c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
19809c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19819c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19829c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
19839c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19849c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19859c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19869c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19879c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19889c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19899c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000915670:C:\Windows\system32\wbem;C:\VirtualBox;C:\Windows\system32 [calling]
19909c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
19919c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef98b0000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
19929c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
19939c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
19949c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef9cc0000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
19959c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
19969c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef98b0000 'C:\Windows\system32\wbem\wbemprox.dll'
19979c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af0 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
19989c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
19999c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
20009c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
20019c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll'
20029c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20039c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20049c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
20059c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
20069c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
20079c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20089c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20099c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20109c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20119c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009151f0:C:\Windows\system32\wbem;C:\VirtualBox;C:\Windows\system32 [calling]
20129c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
20139c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef96d0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
20149c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
20159c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef96d0000 'C:\Windows\system32\wbem\wbemsvc.dll'
20169c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af4 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
20179c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
20189c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
20199c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
20209c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll'
20219c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20229c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20239c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
20249c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
20259c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
20269c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
20279c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
20289c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
20299c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
20309c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
20319c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
20329c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000acc pwszName=\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
20339c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
20349c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
20359c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
20369c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll'
20379c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20389c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20399c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
20409c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
20419c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll) WinVerifyTrust
20429c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
20439c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20449c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
20459c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20469c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
20479c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20489c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
20499c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
20509c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
20519c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
20529c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20539c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20549c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20559c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
20569c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
20579c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20589c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20599c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
20609c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20619c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20629c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000915550:C:\Windows\system32\wbem;C:\VirtualBox;C:\Windows\system32 [calling]
20639c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
20649c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef9980000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
20659c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
20669c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
20679c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef9930000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
20689c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
20699c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9980000 'C:\Windows\system32\wbem\fastprox.dll'
20709c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
20719c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20729c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
20739c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20749c8.a14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll) WinVerifyTrust
20759c8.a14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
20769c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20779c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20789c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
20799c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
20809c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
20819c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
20829c8.a14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
20839c8.a14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxREM.dll) WinVerifyTrust
20849c8.a14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxREM.dll
20859c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20869c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20879c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20889c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20899c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
20909c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
20919c8.a14: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
20929c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20939c8.a14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20949c8.a14: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033c4380:C:\VirtualBox;C:\Windows\system32 [calling]
20959c8.a14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
20969c8.a14: supR3HardenedDllNotificationCallback: load 000007fef4870000 LB 0x00293000 C:\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
20979c8.a14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
20989c8.a14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxREM.dll
20999c8.a14: supR3HardenedDllNotificationCallback: load 0000000073960000 LB 0x0010a000 C:\VirtualBox\VBoxREM.dll [fFlags=0x0]
21009c8.a14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxREM.dll
21019c8.a14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4870000 'C:\VirtualBox\VBoxVMM.DLL'
21029c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ndis.sys'.
21039c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ntoskrnl.exe'.
21049c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys)
21059c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys
21069c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys [avoiding WinVerifyTrust]
21079c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
21089c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
21099c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
21109c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys)
21119c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys
21129c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
21139c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
21149c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys)
21159c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys
21169c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
21179c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
21189c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys)
21199c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys
21209c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
21219c8.a1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxDrv.sys'
21229c8.a1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxUSBMon.sys'
21239c8.a1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetLwf.sys'
21249c8.a1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\drivers\VBoxNetAdp6.sys'
21259c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bc8 pwszName=\Device\HarddiskVolume1\Windows\System32\netcfgx.dll
21269c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
21279c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
21289c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2E2834BA132AEF0C1091DED23D983BBB0CDB980
21299c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\netcfgx.dll'
21309c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21319c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shlwapi.dll'.
21329c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
21339c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
21349c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
21359c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
21369c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
21379c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'nsi.dll'.
21389c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'iphlpapi.dll'.
21399c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\netcfgx.dll) WinVerifyTrust
21409c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\netcfgx.dll
21419c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
21429c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
21439c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bac pwszName=\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
21449c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
21459c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
21469c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
21479c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL'
21489c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21499c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21509c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
21519c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
21529c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
21539c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
21549c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
21559c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
21569c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
21579c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
21589c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21599c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21609c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21619c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21629c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21639c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21649c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21659c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21669c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21679c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21689c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
21699c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
21709c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
21719c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
21729c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
21739c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'pshed.dll'.
21749c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
21759c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'kdcom.dll'.
21769c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'clfs.sys'.
21779c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ci.dll'.
21789c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe) WinVerifyTrust
21799c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
21809c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
21819c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
21829c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
21839c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
21849c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
21859c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
21869c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
21879c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
21889c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys) WinVerifyTrust
21899c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\netio.sys
21909c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
21919c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
21929c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
21939c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
21949c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
21959c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys) WinVerifyTrust
21969c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
21979c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
21989c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
21999c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22009c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22019c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22029c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22039c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
22049c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
22059c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
22069c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
22079c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
22089c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\netio.sys
22099c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
22109c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
22119c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22129c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
22139c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
22149c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\hal.dll) WinVerifyTrust
22159c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\hal.dll
22169c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22179c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22189c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22199c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
22209c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
22219c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22229c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys) WinVerifyTrust
22239c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\drivers\msrpc.sys
22249c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
22259c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
22269c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\drivers\ndis.sys
22279c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22289c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22299c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22309c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
22319c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume1\Windows\System32\ci.dll' [rcNtRedir=0xc0150008]
22329c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22339c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ci.dll) WinVerifyTrust
22349c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ci.dll
22359c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'clfs.sys'...
22369c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'clfs.sys' -> '\Device\HarddiskVolume1\Windows\System32\clfs.sys' [rcNtRedir=0xc0150008]
22379c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22389c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clfs.sys) WinVerifyTrust
22399c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clfs.sys
22409c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
22419c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume1\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
22429c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22439c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
22449c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\kdcom.dll) WinVerifyTrust
22459c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kdcom.dll
22469c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
22479c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
22489c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
22499c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
22509c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume1\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
22519c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22529c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
22539c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\PSHED.DLL) WinVerifyTrust
22549c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\PSHED.DLL
22559c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22569c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22579c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
22589c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
22599c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bdc pwszName=\Device\HarddiskVolume1\Windows\System32\winnsi.dll
22609c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
22619c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
22629c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
22639c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winnsi.dll'
22649c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22659c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22669c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
22679c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
22689c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winnsi.dll) WinVerifyTrust
22699c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winnsi.dll
22709c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
22719c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
22729c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
22739c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22749c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22759c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
22769c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
22779c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
22789c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22799c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22809c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22819c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22829c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
22839c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
22849c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
22859c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22869c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22879c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22889c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
22899c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume1\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
22909c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\hal.dll
22919c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22929c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22939c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22949c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22959c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22969c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe
22979c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22989c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22999c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23009c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23019c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
23029c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume1\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
23039c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\PSHED.DLL
23049c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
23059c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume1\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
23069c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kdcom.dll
23079c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23089c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume1\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23099c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\netcfgx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000915550:C:\Windows\system32;C:\VirtualBox;C:\Windows\system32 [calling]
23109c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\netcfgx.dll
23119c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef9640000 LB 0x00084000 C:\Windows\system32\netcfgx.dll [fFlags=0x0]
23129c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\netcfgx.dll
23139c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
23149c8.a1c: supR3HardenedDllNotificationCallback: load 000007fefaeb0000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
23159c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
23169c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
23179c8.a1c: supR3HardenedDllNotificationCallback: load 000007fefae80000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
23189c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
23199c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9640000 'C:\Windows\system32\netcfgx.dll'
23209c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
23219c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ad4f30:C:\VirtualBox;C:\Windows\system32 [calling]
23229c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd130000 'C:\Windows\system32\SETUPAPI.dll'
23239c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23249c8.a1c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\devrtl.dll)
23259c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devrtl.dll
23269c8.a1c: supR3HardenedDllNotificationCallback: load 000007fefbfb0000 LB 0x00012000 C:\Windows\system32\devrtl.DLL [fFlags=0x0]
23279c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
23289c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000be4 pwszName=\Device\HarddiskVolume1\Windows\System32\devrtl.dll
23299c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
23309c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
23319c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
23329c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
23339c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23349c8.a1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\devrtl.dll'
23359c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
23369c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23379c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23389c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ad4f30:C:\VirtualBox;C:\Windows\system32 [calling]
23399c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd20000 'C:\Windows\system32\WINTRUST.dll'
23409c8.a44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23419c8.a44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
23429c8.a44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23439c8.a44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
23449c8.a44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
23459c8.a44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxSharedClipboard.dll
23469c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23479c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23489c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23499c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23509c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
23519c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
23529c8.a44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
23539c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23549c8.a44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23559c8.a44: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ad4ff0:C:\VirtualBox;C:\Windows\system32 [calling]
23569c8.a44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSharedClipboard.dll
23579c8.a44: supR3HardenedDllNotificationCallback: load 000007fef4b70000 LB 0x0000a000 C:\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
23589c8.a44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSharedClipboard.dll
23599c8.a44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b70000 'C:\VirtualBox\VBoxSharedClipboard.DLL'
23609c8.a4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23619c8.a4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23629c8.a4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23639c8.a4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
23649c8.a4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxDragAndDropSvc.dll
23659c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23669c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23679c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
23689c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
23699c8.a4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
23709c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23719c8.a4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23729c8.a4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ad5290:C:\VirtualBox;C:\Windows\system32 [calling]
23739c8.a4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDragAndDropSvc.dll
23749c8.a4c: supR3HardenedDllNotificationCallback: load 000007fef4b60000 LB 0x0000d000 C:\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
23759c8.a4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDragAndDropSvc.dll
23769c8.a4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b60000 'C:\VirtualBox\VBoxDragAndDropSvc.DLL'
23779c8.a50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23789c8.a50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23799c8.a50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23809c8.a50: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
23819c8.a50: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxGuestPropSvc.dll
23829c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23839c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23849c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
23859c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
23869c8.a50: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcp100.dll
23879c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23889c8.a50: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23899c8.a50: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ad53b0:C:\VirtualBox;C:\Windows\system32 [calling]
23909c8.a50: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxGuestPropSvc.dll
23919c8.a50: supR3HardenedDllNotificationCallback: load 000007fef4b50000 LB 0x0000f000 C:\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
23929c8.a50: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxGuestPropSvc.dll
23939c8.a50: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b50000 'C:\VirtualBox\VBoxGuestPropSvc.DLL'
23949c8.a58: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23959c8.a58: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23969c8.a58: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23979c8.a58: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
23989c8.a58: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxGuestControlSvc.dll
23999c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24009c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24019c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
24029c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
24039c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24049c8.a58: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24059c8.a58: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24069c8.a58: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxGuestControlSvc.dll
24079c8.a58: supR3HardenedDllNotificationCallback: load 000007fef4b40000 LB 0x0000e000 C:\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
24089c8.a58: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxGuestControlSvc.dll
24099c8.a58: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b40000 'C:\VirtualBox\VBoxGuestControlSvc.DLL'
24109c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
24119c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24129c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
24139c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1c0000 'C:\Windows\system32/Shell32.dll'
24149c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5a0000 'C:\Windows\system32\ole32.dll'
24159c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24169c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0a0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
24179c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
24189c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24199c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcce0000 'C:\Windows\system32\profapi.dll'
24209c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
24219c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24229c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4870000 'C:\VirtualBox\VBoxVMM.DLL'
24239c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24249c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24259c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
24269c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
24279c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
24289c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
24299c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
24309c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24319c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24329c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24339c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24349c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24359c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24369c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24379c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24389c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24399c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24409c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\msvcr100.dll
24419c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98300:C:\VirtualBox;C:\Windows\system32 [calling]
24429c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
24439c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef4830000 LB 0x00033000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
24449c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
24459c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4830000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
24469c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef4830000 LB 0x00033000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
24479c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24489c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24499c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24509c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
24519c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
24529c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
24539c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
24549c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
24559c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
24569c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
24579c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxDD.dll) WinVerifyTrust
24589c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxDD.dll
24599c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
24609c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
24619c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
24629c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24639c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24649c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24659c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24669c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
24679c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
24689c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
24699c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
24709c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24719c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24729c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
24739c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
24749c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24759c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24769c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24779c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll) WinVerifyTrust
24789c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll
24799c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
24809c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
24819c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24829c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24839c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
24849c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
24859c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
24869c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
24879c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxDDU.dll) WinVerifyTrust
24889c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxDDU.dll
24899c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24909c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24919c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24929c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
24939c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
24949c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24959c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24969c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24979c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24989c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
24999c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume1\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
25009c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000da0 pwszName=\Device\HarddiskVolume1\Windows\System32\newdev.dll
25019c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
25029c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
25039c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
25049c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume1\Windows\System32\newdev.dll'
25059c8.a1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25069c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25079c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
25089c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
25099c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
25109c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
25119c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
25129c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
25139c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\newdev.dll) WinVerifyTrust
25149c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\newdev.dll
25159c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
25169c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
25179c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
25189c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25199c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25209c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25219c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25229c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25239c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25249c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25259c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25269c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
25279c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
25289c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
25299c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25309c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25319c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
25329c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
25339c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
25349c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
25359c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
25369c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
25379c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
25389c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume1\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
25399c8.a1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
25409c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25419c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
25429c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25439c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25449c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25459c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25469c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25479c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25489c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98480:C:\VirtualBox;C:\Windows\system32 [calling]
25499c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD.dll
25509c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3f80000 LB 0x008e2000 C:\VirtualBox\VBoxDD.DLL [fFlags=0x0]
25519c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD.dll
25529c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDDU.dll
25539c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef4eb0000 LB 0x00061000 C:\VirtualBox\VBoxDDU.dll [fFlags=0x0]
25549c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDDU.dll
25559c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\newdev.dll
25569c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef4f20000 LB 0x00051000 C:\Windows\system32\newdev.dll [fFlags=0x0]
25579c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\newdev.dll
25589c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll
25599c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3f40000 LB 0x00035000 C:\VirtualBox\VBoxDD2.dll [fFlags=0x0]
25609c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll
25619c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3f80000 'C:\VirtualBox/VBoxDD.DLL'
25629c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
25639c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98540:C:\VirtualBox;C:\Windows\system32 [calling]
25649c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
25659c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3f00000 LB 0x00033000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
25669c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
25679c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3f00000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
25689c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxC.dll
25699c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98480:C:\VirtualBox;C:\Windows\system32 [calling]
25709c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxC.dll
25719c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4f80000 'C:\VirtualBox/VBoxC.DLL'
25729c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll
25739c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98540:C:\VirtualBox;C:\Windows\system32 [calling]
25749c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxDD2.dll
25759c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3f40000 'C:\VirtualBox/VBoxDD2.DLL'
25769c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25779c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25789c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
25799c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
25809c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25819c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25829c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25839c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25849c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98480:C:\VirtualBox;C:\Windows\system32 [calling]
25859c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
25869c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3ee0000 LB 0x0001d000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
25879c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
25889c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3ee0000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
25899c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25909c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25919c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
25929c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
25939c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25949c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25959c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25969c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25979c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98240:C:\VirtualBox;C:\Windows\system32 [calling]
25989c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
25999c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3ec0000 LB 0x00018000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
26009c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
26019c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3ec0000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
26029c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26039c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26049c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
26059c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
26069c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26079c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26089c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26099c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26109c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98540:C:\VirtualBox;C:\Windows\system32 [calling]
26119c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
26129c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef3ea0000 LB 0x00019000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
26139c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
26149c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3ea0000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
26159c8.a64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26169c8.a64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26179c8.a64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26189c8.a64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
26199c8.a64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\VBoxSharedFolders.dll
26209c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26219c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26229c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
26239c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
26249c8.a64: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxVMM.dll
26259c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26269c8.a64: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26279c8.a64: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98480:C:\VirtualBox;C:\Windows\system32 [calling]
26289c8.a64: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSharedFolders.dll
26299c8.a64: supR3HardenedDllNotificationCallback: load 000007fef3e90000 LB 0x0000d000 C:\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
26309c8.a64: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\VBoxSharedFolders.dll
26319c8.a64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3e90000 'C:\VirtualBox\VBoxSharedFolders.DLL'
26329c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26339c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26349c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
26359c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
26369c8.a1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
26379c8.a1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
26389c8.a1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
26399c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26409c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
26419c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26429c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
26439c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26449c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26459c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26469c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26479c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26489c8.a1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26499c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a985a0:C:\VirtualBox;C:\Windows\system32 [calling]
26509c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
26519c8.a1c: supR3HardenedDllNotificationCallback: load 000007fef4b80000 LB 0x000c4000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
26529c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
26539c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b80000 'C:\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
26549c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4870000 'C:\VirtualBox\VBoxVMM.DLL'
26559c8.a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
26569c8.a1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a987e0:C:\VirtualBox;C:\Windows\system32 [calling]
26579c8.a1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
26589c8.a1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e20000 'C:\Windows\system32/kernel32.dll'
26599c8.a14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
26609c8.9cc: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [redir]
26619c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [redoing WinVerifyTrust]
26629c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000540 pwszName=\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
26639c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
26649c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
26659c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
26669c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
26679c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26689c8.9cc: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
26699c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000004ad49f0:C:\VirtualBox;C:\Windows\system32 [calling]
26709c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5560000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
26719c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
26729c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98fc0:C:\VirtualBox;C:\Windows\system32 [calling]
26739c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1c0000 'C:\Windows\system32\shell32.dll'
26749c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
26759c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98fc0:C:\VirtualBox;C:\Windows\system32 [calling]
26769c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7710000 'C:\Windows\system32\WINMM.dll'
26779c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000674 pwszName=\Device\HarddiskVolume1\Windows\System32\mscms.dll
26789c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
26799c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
26809c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
26819c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a98f60:C:\VirtualBox;C:\Windows\system32 [calling]
26829c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd20000 'C:\Windows\system32\WINTRUST.DLL'
26839c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
26849c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000004a98f60:C:\VirtualBox;C:\Windows\system32 [calling]
26859c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\CRYPT32.dll'
26869c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=77B48D4C63C7308FE42B2B7DF054999F6CE86C20
26879c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\cryptnet.dll'
26889c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Server-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\mscms.dll'
26899c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26909c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26919c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
26929c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
26939c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
26949c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mscms.dll) WinVerifyTrust
26959c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mscms.dll
26969c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26979c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
26989c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26999c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27009c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
27019c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume1\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
27029c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
27039c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27049c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27059c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mscms.dll (Input=mscms.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a99020:C:\VirtualBox;C:\Windows\system32 [calling]
27069c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mscms.dll
27079c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef2df0000 LB 0x0009c000 C:\Windows\system32\mscms.dll [fFlags=0x0]
27089c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mscms.dll
27099c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2df0000 'C:\Windows\system32\mscms.dll'
27109c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f1c pwszName=\Device\HarddiskVolume1\Windows\System32\icm32.dll
27119c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000942320
27129c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000942320
27139c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A467A1C0C873D06FC9374DE3DAC05A8C3CE89002
27149c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Server-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\icm32.dll'
27159c8.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27169c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27179c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
27189c8.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
27199c8.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\icm32.dll) WinVerifyTrust
27209c8.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\icm32.dll
27219c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27229c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27239c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
27249c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume1\Windows\System32\mscms.dll' [rcNtRedir=0xc0150008]
27259c8.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mscms.dll
27269c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27279c8.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27289c8.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\icm32.dll (Input=icm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a99020:C:\VirtualBox;C:\Windows\system32 [calling]
27299c8.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\icm32.dll
27309c8.9cc: supR3HardenedDllNotificationCallback: load 000007fef2da0000 LB 0x00042000 C:\Windows\system32\icm32.dll [fFlags=0x0]
27319c8.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\icm32.dll
27329c8.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2da0000 'C:\Windows\system32\icm32.dll'
27339c8.a64: supR3HardenedDllNotificationCallback: Unload 000007fef3e90000 LB 0x0000d000 C:\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
27349c8.a58: supR3HardenedDllNotificationCallback: Unload 000007fef4b40000 LB 0x0000e000 C:\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
27359c8.a50: supR3HardenedDllNotificationCallback: Unload 000007fef4b50000 LB 0x0000f000 C:\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
27369c8.a4c: supR3HardenedDllNotificationCallback: Unload 000007fef4b60000 LB 0x0000d000 C:\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
27379c8.a44: supR3HardenedDllNotificationCallback: Unload 000007fef4b70000 LB 0x0000a000 C:\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
27389c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3ea0000 LB 0x00019000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [flags=0x0]
27399c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3ec0000 LB 0x00018000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [flags=0x0]
27409c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3ee0000 LB 0x0001d000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [flags=0x0]
27419c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3f00000 LB 0x00033000 C:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
27429c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3f80000 LB 0x008e2000 C:\VirtualBox\VBoxDD.DLL [flags=0x0]
27439c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef3f40000 LB 0x00035000 C:\VirtualBox\VBoxDD2.dll [flags=0x0]
27449c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef4eb0000 LB 0x00061000 C:\VirtualBox\VBoxDDU.dll [flags=0x0]
27459c8.a1c: supR3HardenedDllNotificationCallback: Unload 000007fef4f20000 LB 0x00051000 C:\Windows\system32\newdev.dll [flags=0x0]
27469c0.9c4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 266313 ms, the end);
27479b8.9bc: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 266672 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy