VirtualBox

Ticket #15121: Linux-2016-02-06-15-17-28.log

File Linux-2016-02-06-15-17-28.log, 387.6 KB (added by Mikael Djurfeldt, 9 years ago)

VBox.log

Line 
11b50.1b54: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa0295a00
21b50.1b54: \SystemRoot\System32\ntdll.dll:
31b50.1b54: CreationTime: 2015-12-05T03:44:59.473740700Z
41b50.1b54: LastWriteTime: 2015-12-05T03:44:59.473740700Z
51b50.1b54: ChangeTime: 2015-12-05T03:45:25.439150100Z
61b50.1b54: FileAttributes: 0x20
71b50.1b54: Size: 0x1bba48
81b50.1b54: NT Headers: 0xe0
91b50.1b54: Timestamp: 0x56540c3b
101b50.1b54: Machine: 0x8664 - amd64
111b50.1b54: Timestamp: 0x56540c3b
121b50.1b54: Image Version: 10.0
131b50.1b54: SizeOfImage: 0x1c1000 (1839104)
141b50.1b54: Resource Dir: 0x159000 LB 0x66218
151b50.1b54: ProductName: Microsoft® Windows® Operating System
161b50.1b54: ProductVersion: 10.0.10586.20
171b50.1b54: FileVersion: 10.0.10586.20 (th2_release_sec.151123-1940)
181b50.1b54: FileDescription: NT Layer DLL
191b50.1b54: \SystemRoot\System32\kernel32.dll:
201b50.1b54: CreationTime: 2015-10-30T07:17:46.221743200Z
211b50.1b54: LastWriteTime: 2015-10-30T07:17:46.221743200Z
221b50.1b54: ChangeTime: 2015-12-26T04:22:02.733935500Z
231b50.1b54: FileAttributes: 0x20
241b50.1b54: Size: 0xac430
251b50.1b54: NT Headers: 0xf0
261b50.1b54: Timestamp: 0x5632d5aa
271b50.1b54: Machine: 0x8664 - amd64
281b50.1b54: Timestamp: 0x5632d5aa
291b50.1b54: Image Version: 10.0
301b50.1b54: SizeOfImage: 0xad000 (708608)
311b50.1b54: Resource Dir: 0xab000 LB 0x528
321b50.1b54: ProductName: Microsoft® Windows® Operating System
331b50.1b54: ProductVersion: 10.0.10586.0
341b50.1b54: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
351b50.1b54: FileDescription: Windows NT BASE API Client DLL
361b50.1b54: \SystemRoot\System32\KernelBase.dll:
371b50.1b54: CreationTime: 2015-10-30T07:18:03.596688800Z
381b50.1b54: LastWriteTime: 2015-10-30T07:18:03.596688800Z
391b50.1b54: ChangeTime: 2015-12-26T04:22:02.812585300Z
401b50.1b54: FileAttributes: 0x20
411b50.1b54: Size: 0x1e7a08
421b50.1b54: NT Headers: 0xf0
431b50.1b54: Timestamp: 0x5632d1de
441b50.1b54: Machine: 0x8664 - amd64
451b50.1b54: Timestamp: 0x5632d1de
461b50.1b54: Image Version: 10.0
471b50.1b54: SizeOfImage: 0x1e8000 (1998848)
481b50.1b54: Resource Dir: 0x1d1000 LB 0x540
491b50.1b54: ProductName: Microsoft® Windows® Operating System
501b50.1b54: ProductVersion: 10.0.10586.0
511b50.1b54: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
521b50.1b54: FileDescription: Windows NT BASE API Client DLL
531b50.1b54: \SystemRoot\System32\apisetschema.dll:
541b50.1b54: CreationTime: 2015-10-30T07:17:57.502957900Z
551b50.1b54: LastWriteTime: 2015-10-30T07:17:57.502957900Z
561b50.1b54: ChangeTime: 2015-11-21T03:46:03.326382100Z
571b50.1b54: FileAttributes: 0x20
581b50.1b54: Size: 0x16d60
591b50.1b54: NT Headers: 0xc8
601b50.1b54: Timestamp: 0x5632d94c
611b50.1b54: Machine: 0x8664 - amd64
621b50.1b54: Timestamp: 0x5632d94c
631b50.1b54: Image Version: 10.0
641b50.1b54: SizeOfImage: 0x18000 (98304)
651b50.1b54: Resource Dir: 0x17000 LB 0x400
661b50.1b54: ProductName: Microsoft® Windows® Operating System
671b50.1b54: ProductVersion: 10.0.10586.0
681b50.1b54: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
691b50.1b54: FileDescription: ApiSet Schema DLL
701b50.1b54: supR3HardenedWinFindAdversaries: 0x0
711b50.1b54: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
721b50.1b54: Calling main()
731b50.1b54: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
741b50.1b54: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
751b50.1b54: SUPR3HardenedMain: Respawn #1
761b50.1b54: System32: \Device\HarddiskVolume3\Windows\System32
771b50.1b54: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
781b50.1b54: KnownDllPath: C:\Windows\system32
791b50.1b54: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
801b50.1b54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
811b50.1b54: supR3HardNtEnableThreadCreation:
821b50.1b54: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff842986a80 pvNtTerminateThread=00007ff8429b5830
831b50.1b54: supR3HardenedWinDoReSpawn(1): New child 1b5c.1b60 [kernel32].
841b50.1b54: supR3HardNtChildGatherData: PebBaseAddress=0000000000224000 cbPeb=0x388
851b50.1b54: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff842910000 uNtDllChildAddr=00007ff842910000
861b50.1b54: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff842986a80
871b50.1b54: supR3HardenedWinSetupChildInit: Start child.
881b50.1b54: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
891b50.1b54: supR3HardNtChildPurify: Startup delay kludge #1/0: 267 ms, 16 sleeps
901b50.1b54: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
911b50.1b54: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
921b50.1b54: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
931b50.1b54: *0000000000030000-000000000001afff 0x0002/0x0002 0x0040000
941b50.1b54: 0000000000045000-0000000000039fff 0x0001/0x0000 0x0000000
951b50.1b54: *0000000000050000-fffffffffff53fff 0x0000/0x0004 0x0020000
961b50.1b54: 000000000014c000-0000000000148fff 0x0104/0x0004 0x0020000
971b50.1b54: 000000000014f000-000000000014dfff 0x0004/0x0004 0x0020000
981b50.1b54: *0000000000150000-000000000014bfff 0x0002/0x0002 0x0040000
991b50.1b54: 0000000000154000-0000000000147fff 0x0001/0x0000 0x0000000
1001b50.1b54: *0000000000160000-000000000015dfff 0x0004/0x0004 0x0020000
1011b50.1b54: 0000000000162000-00000000000c3fff 0x0001/0x0000 0x0000000
1021b50.1b54: *0000000000200000-00000000001dbfff 0x0000/0x0004 0x0020000
1031b50.1b54: 0000000000224000-0000000000220fff 0x0004/0x0004 0x0020000
1041b50.1b54: 0000000000227000-000000000004dfff 0x0000/0x0004 0x0020000
1051b50.1b54: 0000000000400000-ffffffff8081ffff 0x0001/0x0000 0x0000000
1061b50.1b54: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1071b50.1b54: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1081b50.1b54: 000000007fff0000-ffff800a0af5ffff 0x0001/0x0000 0x0000000
1091b50.1b54: *00007ff6f5080000-00007ff6f505cfff 0x0002/0x0002 0x0040000
1101b50.1b54: 00007ff6f50a3000-00007ff6f40f5fff 0x0001/0x0000 0x0000000
1111b50.1b54: *00007ff6f6050000-00007ff6f6050fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1121b50.1b54: 00007ff6f6051000-00007ff6f60d7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1131b50.1b54: 00007ff6f60d8000-00007ff6f60d8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1141b50.1b54: 00007ff6f60d9000-00007ff6f6123fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1151b50.1b54: 00007ff6f6124000-00007ff6f6124fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1161b50.1b54: 00007ff6f6125000-00007ff6f6125fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1171b50.1b54: 00007ff6f6126000-00007ff6f612afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1181b50.1b54: 00007ff6f612b000-00007ff6f612bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1191b50.1b54: 00007ff6f612c000-00007ff6f612cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1201b50.1b54: 00007ff6f612d000-00007ff6f6130fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1211b50.1b54: 00007ff6f6131000-00007ff6f617bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1221b50.1b54: 00007ff6f617c000-00007ff5a99e7fff 0x0001/0x0000 0x0000000
1231b50.1b54: *00007ff842910000-00007ff842910fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1241b50.1b54: 00007ff842911000-00007ff842a0dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1251b50.1b54: 00007ff842a0e000-00007ff842a4efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1261b50.1b54: 00007ff842a4f000-00007ff842a57fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1271b50.1b54: 00007ff842a58000-00007ff842a64fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1281b50.1b54: 00007ff842a65000-00007ff842a65fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1291b50.1b54: 00007ff842a66000-00007ff842a68fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1301b50.1b54: 00007ff842a69000-00007ff842ad0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1311b50.1b54: 00007ff842ad1000-00007ff0855c1fff 0x0001/0x0000 0x0000000
1321b50.1b54: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
1331b50.1b54: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
1341b50.1b54: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1351b50.1b54: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1361b50.1b54: supR3HardNtChildPurify: Done after 304 ms and 0 fixes (loop #0).
1371b5c.1b60: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0295a00
1381b5c.1b60: supR3HardenedVmProcessInit: uNtDllAddr=00007ff842910000
1391b50.1b54: supR3HardNtEnableThreadCreation:
1401b5c.1b60: ntdll.dll: timestamp 0x56540c3b (rc=VINF_SUCCESS)
1411b5c.1b60: New simple heap: #1 0000000000500000 LB 0x400000 (for 1839104 allocation)
1421b5c.1b60: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1431b5c.1b60: System32: \Device\HarddiskVolume3\Windows\System32
1441b5c.1b60: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
1451b5c.1b60: KnownDllPath: C:\Windows\system32
1461b5c.1b60: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1471b5c.1b60: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1481b5c.1b60: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1491b5c.1b60: Registered Dll notification callback with NTDLL.
1501b5c.1b60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
1511b5c.1b60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1521b5c.1b60: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
1531b5c.1b60: supR3HardenedDllNotificationCallback: load 00007ff83f610000 LB 0x001e8000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1541b5c.1b60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
1551b5c.1b60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1561b5c.1b60: supR3HardenedDllNotificationCallback: load 00007ff842320000 LB 0x000ad000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
1571b5c.1b60: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1581b5c.1b60: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32\KERNEL32.DLL'
1591b5c.1b60: supR3HardenedDllNotificationCallback: load 00007ff6f6050000 LB 0x0012c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
1601b5c.1b60: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1611b5c.1b60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1621b5c.1b60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1631b5c.1b60: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff842986a80 pvNtTerminateThread=00007ff8429b5830
1641b50.1b54: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 116 ms.
1651b5c.1b60: \SystemRoot\System32\ntdll.dll:
1661b5c.1b60: CreationTime: 2015-12-05T03:44:59.473740700Z
1671b5c.1b60: LastWriteTime: 2015-12-05T03:44:59.473740700Z
1681b5c.1b60: ChangeTime: 2015-12-05T03:45:25.439150100Z
1691b5c.1b60: FileAttributes: 0x20
1701b5c.1b60: Size: 0x1bba48
1711b5c.1b60: NT Headers: 0xe0
1721b5c.1b60: Timestamp: 0x56540c3b
1731b5c.1b60: Machine: 0x8664 - amd64
1741b5c.1b60: Timestamp: 0x56540c3b
1751b5c.1b60: Image Version: 10.0
1761b5c.1b60: SizeOfImage: 0x1c1000 (1839104)
1771b5c.1b60: Resource Dir: 0x159000 LB 0x66218
1781b5c.1b60: ProductName: Microsoft® Windows® Operating System
1791b5c.1b60: ProductVersion: 10.0.10586.20
1801b5c.1b60: FileVersion: 10.0.10586.20 (th2_release_sec.151123-1940)
1811b5c.1b60: FileDescription: NT Layer DLL
1821b5c.1b60: \SystemRoot\System32\kernel32.dll:
1831b5c.1b60: CreationTime: 2015-10-30T07:17:46.221743200Z
1841b5c.1b60: LastWriteTime: 2015-10-30T07:17:46.221743200Z
1851b5c.1b60: ChangeTime: 2015-12-26T04:22:02.733935500Z
1861b5c.1b60: FileAttributes: 0x20
1871b5c.1b60: Size: 0xac430
1881b5c.1b60: NT Headers: 0xf0
1891b5c.1b60: Timestamp: 0x5632d5aa
1901b5c.1b60: Machine: 0x8664 - amd64
1911b5c.1b60: Timestamp: 0x5632d5aa
1921b5c.1b60: Image Version: 10.0
1931b5c.1b60: SizeOfImage: 0xad000 (708608)
1941b5c.1b60: Resource Dir: 0xab000 LB 0x528
1951b5c.1b60: ProductName: Microsoft® Windows® Operating System
1961b5c.1b60: ProductVersion: 10.0.10586.0
1971b5c.1b60: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
1981b5c.1b60: FileDescription: Windows NT BASE API Client DLL
1991b5c.1b60: \SystemRoot\System32\KernelBase.dll:
2001b5c.1b60: CreationTime: 2015-10-30T07:18:03.596688800Z
2011b5c.1b60: LastWriteTime: 2015-10-30T07:18:03.596688800Z
2021b5c.1b60: ChangeTime: 2015-12-26T04:22:02.812585300Z
2031b5c.1b60: FileAttributes: 0x20
2041b5c.1b60: Size: 0x1e7a08
2051b5c.1b60: NT Headers: 0xf0
2061b5c.1b60: Timestamp: 0x5632d1de
2071b5c.1b60: Machine: 0x8664 - amd64
2081b5c.1b60: Timestamp: 0x5632d1de
2091b5c.1b60: Image Version: 10.0
2101b5c.1b60: SizeOfImage: 0x1e8000 (1998848)
2111b5c.1b60: Resource Dir: 0x1d1000 LB 0x540
2121b5c.1b60: ProductName: Microsoft® Windows® Operating System
2131b5c.1b60: ProductVersion: 10.0.10586.0
2141b5c.1b60: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
2151b5c.1b60: FileDescription: Windows NT BASE API Client DLL
2161b5c.1b60: \SystemRoot\System32\apisetschema.dll:
2171b5c.1b60: CreationTime: 2015-10-30T07:17:57.502957900Z
2181b5c.1b60: LastWriteTime: 2015-10-30T07:17:57.502957900Z
2191b5c.1b60: ChangeTime: 2015-11-21T03:46:03.326382100Z
2201b5c.1b60: FileAttributes: 0x20
2211b5c.1b60: Size: 0x16d60
2221b5c.1b60: NT Headers: 0xc8
2231b5c.1b60: Timestamp: 0x5632d94c
2241b5c.1b60: Machine: 0x8664 - amd64
2251b5c.1b60: Timestamp: 0x5632d94c
2261b5c.1b60: Image Version: 10.0
2271b5c.1b60: SizeOfImage: 0x18000 (98304)
2281b5c.1b60: Resource Dir: 0x17000 LB 0x400
2291b5c.1b60: ProductName: Microsoft® Windows® Operating System
2301b5c.1b60: ProductVersion: 10.0.10586.0
2311b5c.1b60: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
2321b5c.1b60: FileDescription: ApiSet Schema DLL
2331b5c.1b60: supR3HardenedWinFindAdversaries: 0x0
2341b5c.1b60: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2351b5c.1b60: Calling main()
2361b5c.1b60: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2371b5c.1b60: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2381b5c.1b60: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2391b5c.1b60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2401b5c.1b60: SUPR3HardenedMain: Respawn #2
2411b5c.1b60: supR3HardNtEnableThreadCreation:
2421b5c.1b60: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
2431b5c.1b60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
2441b5c.1b60: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2451b5c.1b60: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2461b5c.1b60: supR3HardenedDllNotificationCallback: load 00007ff83ce60000 LB 0x00079000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2471b5c.1b60: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2481b5c.1b60: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83ce60000 'C:\Windows\system32\apphelp.dll'
2491b5c.1b60: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff842986a80 pvNtTerminateThread=00007ff8429b5830
2501b5c.1b60: supR3HardenedWinDoReSpawn(2): New child 1b64.1b68 [kernel32].
2511b5c.1b60: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
2521b5c.1b60: supR3HardNtChildGatherData: PebBaseAddress=000000000031a000 cbPeb=0x388
2531b5c.1b60: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff842910000 uNtDllChildAddr=00007ff842910000
2541b5c.1b60: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff842986a80
2551b5c.1b60: supR3HardenedWinSetupChildInit: Start child.
2561b5c.1b60: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2571b5c.1b60: supR3HardNtChildPurify: Startup delay kludge #1/0: 267 ms, 17 sleeps
2581b5c.1b60: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2591b5c.1b60: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2601b5c.1b60: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2611b5c.1b60: *0000000000030000-000000000001afff 0x0002/0x0002 0x0040000
2621b5c.1b60: 0000000000045000-0000000000039fff 0x0001/0x0000 0x0000000
2631b5c.1b60: *0000000000050000-fffffffffff53fff 0x0000/0x0004 0x0020000
2641b5c.1b60: 000000000014c000-0000000000148fff 0x0104/0x0004 0x0020000
2651b5c.1b60: 000000000014f000-000000000014dfff 0x0004/0x0004 0x0020000
2661b5c.1b60: *0000000000150000-000000000014bfff 0x0002/0x0002 0x0040000
2671b5c.1b60: 0000000000154000-0000000000147fff 0x0001/0x0000 0x0000000
2681b5c.1b60: *0000000000160000-000000000015dfff 0x0004/0x0004 0x0020000
2691b5c.1b60: 0000000000162000-00000000000c3fff 0x0001/0x0000 0x0000000
2701b5c.1b60: *0000000000200000-00000000000e5fff 0x0000/0x0004 0x0020000
2711b5c.1b60: 000000000031a000-0000000000316fff 0x0004/0x0004 0x0020000
2721b5c.1b60: 000000000031d000-0000000000239fff 0x0000/0x0004 0x0020000
2731b5c.1b60: 0000000000400000-ffffffff8081ffff 0x0001/0x0000 0x0000000
2741b5c.1b60: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2751b5c.1b60: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2761b5c.1b60: 000000007fff0000-ffff800a0acaffff 0x0001/0x0000 0x0000000
2771b5c.1b60: *00007ff6f5330000-00007ff6f530cfff 0x0002/0x0002 0x0040000
2781b5c.1b60: 00007ff6f5353000-00007ff6f4655fff 0x0001/0x0000 0x0000000
2791b5c.1b60: *00007ff6f6050000-00007ff6f6050fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2801b5c.1b60: 00007ff6f6051000-00007ff6f60d7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2811b5c.1b60: 00007ff6f60d8000-00007ff6f60d8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2821b5c.1b60: 00007ff6f60d9000-00007ff6f6123fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2831b5c.1b60: 00007ff6f6124000-00007ff6f6124fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2841b5c.1b60: 00007ff6f6125000-00007ff6f6125fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2851b5c.1b60: 00007ff6f6126000-00007ff6f612afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2861b5c.1b60: 00007ff6f612b000-00007ff6f612bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2871b5c.1b60: 00007ff6f612c000-00007ff6f612cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2881b5c.1b60: 00007ff6f612d000-00007ff6f6130fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2891b5c.1b60: 00007ff6f6131000-00007ff6f617bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2901b5c.1b60: 00007ff6f617c000-00007ff5a99e7fff 0x0001/0x0000 0x0000000
2911b5c.1b60: *00007ff842910000-00007ff842910fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2921b5c.1b60: 00007ff842911000-00007ff842a0dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2931b5c.1b60: 00007ff842a0e000-00007ff842a4efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2941b5c.1b60: 00007ff842a4f000-00007ff842a57fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2951b5c.1b60: 00007ff842a58000-00007ff842a64fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2961b5c.1b60: 00007ff842a65000-00007ff842a65fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2971b5c.1b60: 00007ff842a66000-00007ff842a68fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2981b5c.1b60: 00007ff842a69000-00007ff842ad0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2991b5c.1b60: 00007ff842ad1000-00007ff0855c1fff 0x0001/0x0000 0x0000000
3001b5c.1b60: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
3011b5c.1b60: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
3021b5c.1b60: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3031b5c.1b60: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
3041b5c.1b60: supR3HardNtChildPurify: Done after 320 ms and 0 fixes (loop #0).
3051b64.1b68: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0295a00
3061b64.1b68: supR3HardenedVmProcessInit: uNtDllAddr=00007ff842910000
3071b64.1b68: ntdll.dll: timestamp 0x56540c3b (rc=VINF_SUCCESS)
3081b64.1b68: New simple heap: #1 0000000000500000 LB 0x400000 (for 1839104 allocation)
3091b5c.1b60: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000500000 LB 0x400000)
3101b5c.1b60: supR3HardNtEnableThreadCreation:
3111b64.1b68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
3121b64.1b68: System32: \Device\HarddiskVolume3\Windows\System32
3131b64.1b68: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
3141b64.1b68: KnownDllPath: C:\Windows\system32
3151b64.1b68: supR3HardenedVmProcessInit: Opening vboxdrv...
3161b64.1b68: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3171b64.1b68: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3181b64.1b68: Registered Dll notification callback with NTDLL.
3191b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
3201b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
3211b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
3221b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83f610000 LB 0x001e8000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3231b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
3241b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
3251b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff842320000 LB 0x000ad000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
3261b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3271b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32\KERNEL32.DLL'
3281b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff6f6050000 LB 0x0012c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
3291b64.1b68: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3301b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3311b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
3321b64.1b68: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff842986a80 pvNtTerminateThread=00007ff8429b5830
3331b5c.1b60: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 69 ms.
3341b64.1b68: \SystemRoot\System32\ntdll.dll:
3351b64.1b68: CreationTime: 2015-12-05T03:44:59.473740700Z
3361b64.1b68: LastWriteTime: 2015-12-05T03:44:59.473740700Z
3371b64.1b68: ChangeTime: 2015-12-05T03:45:25.439150100Z
3381b64.1b68: FileAttributes: 0x20
3391b64.1b68: Size: 0x1bba48
3401b64.1b68: NT Headers: 0xe0
3411b64.1b68: Timestamp: 0x56540c3b
3421b64.1b68: Machine: 0x8664 - amd64
3431b64.1b68: Timestamp: 0x56540c3b
3441b64.1b68: Image Version: 10.0
3451b64.1b68: SizeOfImage: 0x1c1000 (1839104)
3461b64.1b68: Resource Dir: 0x159000 LB 0x66218
3471b64.1b68: ProductName: Microsoft® Windows® Operating System
3481b64.1b68: ProductVersion: 10.0.10586.20
3491b64.1b68: FileVersion: 10.0.10586.20 (th2_release_sec.151123-1940)
3501b64.1b68: FileDescription: NT Layer DLL
3511b64.1b68: \SystemRoot\System32\kernel32.dll:
3521b64.1b68: CreationTime: 2015-10-30T07:17:46.221743200Z
3531b64.1b68: LastWriteTime: 2015-10-30T07:17:46.221743200Z
3541b64.1b68: ChangeTime: 2015-12-26T04:22:02.733935500Z
3551b64.1b68: FileAttributes: 0x20
3561b64.1b68: Size: 0xac430
3571b64.1b68: NT Headers: 0xf0
3581b64.1b68: Timestamp: 0x5632d5aa
3591b64.1b68: Machine: 0x8664 - amd64
3601b64.1b68: Timestamp: 0x5632d5aa
3611b64.1b68: Image Version: 10.0
3621b64.1b68: SizeOfImage: 0xad000 (708608)
3631b64.1b68: Resource Dir: 0xab000 LB 0x528
3641b64.1b68: ProductName: Microsoft® Windows® Operating System
3651b64.1b68: ProductVersion: 10.0.10586.0
3661b64.1b68: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
3671b64.1b68: FileDescription: Windows NT BASE API Client DLL
3681b64.1b68: \SystemRoot\System32\KernelBase.dll:
3691b64.1b68: CreationTime: 2015-10-30T07:18:03.596688800Z
3701b64.1b68: LastWriteTime: 2015-10-30T07:18:03.596688800Z
3711b64.1b68: ChangeTime: 2015-12-26T04:22:02.812585300Z
3721b64.1b68: FileAttributes: 0x20
3731b64.1b68: Size: 0x1e7a08
3741b64.1b68: NT Headers: 0xf0
3751b64.1b68: Timestamp: 0x5632d1de
3761b64.1b68: Machine: 0x8664 - amd64
3771b64.1b68: Timestamp: 0x5632d1de
3781b64.1b68: Image Version: 10.0
3791b64.1b68: SizeOfImage: 0x1e8000 (1998848)
3801b64.1b68: Resource Dir: 0x1d1000 LB 0x540
3811b64.1b68: ProductName: Microsoft® Windows® Operating System
3821b64.1b68: ProductVersion: 10.0.10586.0
3831b64.1b68: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
3841b64.1b68: FileDescription: Windows NT BASE API Client DLL
3851b64.1b68: \SystemRoot\System32\apisetschema.dll:
3861b64.1b68: CreationTime: 2015-10-30T07:17:57.502957900Z
3871b64.1b68: LastWriteTime: 2015-10-30T07:17:57.502957900Z
3881b64.1b68: ChangeTime: 2015-11-21T03:46:03.326382100Z
3891b64.1b68: FileAttributes: 0x20
3901b64.1b68: Size: 0x16d60
3911b64.1b68: NT Headers: 0xc8
3921b64.1b68: Timestamp: 0x5632d94c
3931b64.1b68: Machine: 0x8664 - amd64
3941b64.1b68: Timestamp: 0x5632d94c
3951b64.1b68: Image Version: 10.0
3961b64.1b68: SizeOfImage: 0x18000 (98304)
3971b64.1b68: Resource Dir: 0x17000 LB 0x400
3981b64.1b68: ProductName: Microsoft® Windows® Operating System
3991b64.1b68: ProductVersion: 10.0.10586.0
4001b64.1b68: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
4011b64.1b68: FileDescription: ApiSet Schema DLL
4021b64.1b68: supR3HardenedWinFindAdversaries: 0x0
4031b64.1b68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
4041b64.1b68: Calling main()
4051b64.1b68: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4061b64.1b68: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
4071b64.1b68: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4081b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4091b64.1b68: SUPR3HardenedMain: Final process, opening VBoxDrv...
4101b64.1b68: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000500000 LB 0x400000)
4111b64.1b68: supR3HardNtEnableThreadCreation:
4121b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4131b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4141b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4151b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4161b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82a160000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4171b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4181b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4191b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4201b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a160000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4211b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4221b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4231b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a160000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4241b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a160000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4261b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
4271b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
4281b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
4291b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
4301b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
4311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4331b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
4341b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4371b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4381b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'msasn1.dll'.
4391b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
4401b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4421b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4431b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
4441b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
4451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4471b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
4481b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4491b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4501b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4511b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4521b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4531b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4541b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4551b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4561b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff842160000 LB 0x0009d000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4571b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4581b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83efb0000 LB 0x00010000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
4591b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4601b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83f800000 LB 0x001c7000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
4611b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4621b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840570000 LB 0x0011c000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4631b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4641b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fa20000 LB 0x00055000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
4651b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\system32\Wintrust.dll'
4671b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
4681b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
4691b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4701b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4711b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83eb30000 LB 0x00029000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
4721b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83eb30000 'C:\Windows\system32\bcrypt.dll'
4741b64.1b68: bcrypt.dll loaded at 00007ff83eb30000, BCryptOpenAlgorithmProvider at 00007ff83eb33b50, preloading providers:
4751b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
4761b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
4771b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4781b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fc80000 LB 0x0006a000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
4791b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4801b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fc80000 'C:\Windows\system32\bcryptprimitives.dll'
4811b64.1b68: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000009594d0)
4821b64.1b68: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000959b90)
4831b64.1b68: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000959e60)
4841b64.1b68: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000095a1c0)
4851b64.1b68: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000095ace0)
4861b64.1b68: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000095aff0)
4871b64.1b68: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000095b300)
4881b64.1b68: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000095b5d0)
4891b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4901b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4911b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
4921b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4931b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4941b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
4951b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4961b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4971b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
4981b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4991b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5001b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
5011b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5021b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5031b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
5041b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5051b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5061b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
5071b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5081b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5091b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
5101b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
5111b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
5121b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83e910000 LB 0x00017000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
5131b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5141b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'bcrypt.dll'.
5151b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
5161b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
5171b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5181b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5191b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5201b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5211b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5221b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83e5a0000 LB 0x00034000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
5231b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5241b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
5251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
5261b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
5271b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
5281b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83ea30000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
5291b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5301b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5331b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5341b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5351b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32\kernel32.dll'
5361b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5371b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
5381b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5391b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5401b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\CRYPT32.dll'
5411b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff8409f0000 LB 0x0001c000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
5421b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5431b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
5441b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
5451b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5471b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5481b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5491b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5501b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
5511b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff842100000 LB 0x0005b000 C:\Windows\system32\sechost.dll [fFlags=0x0]
5521b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
5531b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
5541b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
5551b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5561b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
5571b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
5581b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
5591b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83df30000 LB 0x00024000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
5601b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
5611b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83ef80000 LB 0x00014000 C:\Windows\system32\profapi.dll [fFlags=0x0]
5621b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
5631b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
5641b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5651b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
5661b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
5671b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
5681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
5691b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
5701b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5721b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5731b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5741b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5751b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5761b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5771b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5781b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5791b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5801b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5811b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5821b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5831b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5841b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5851b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82cd50000 LB 0x0002f000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
5861b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5871b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5881b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5891b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
5901b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5911b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5921b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
5931b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5941b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5951b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
5961b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
5971b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
5981b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
5991b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6001b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6011b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6021b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6031b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6041b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6051b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6061b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6071b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6081b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6091b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6101b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6111b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6121b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6131b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6141b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6151b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\system32\cryptnet.dll'
6161b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6171b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82cd50000 'C:\Windows\System32\cryptnet.dll'
6181b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840a80000 LB 0x000a7000 C:\Windows\system32\advapi32.dll [fFlags=0x0]
6191b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6201b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
6211b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
6221b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
6231b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
6241b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6261b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6271b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6281b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
6291b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
6301b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
6311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6331b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6341b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6351b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6361b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6371b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6381b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6391b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
6401b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000099c060
6411b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
6421b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4F4645960244EFDD42AB975126D4872FA9265CC5
6431b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6441b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6451b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840570000 'C:\Windows\system32\rpcrt4.dll'
6461b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6471b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6481b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6491b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6501b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6511b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6521b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6531b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6541b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6551b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6561b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6571b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6581b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6591b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6601b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\System32\WINTRUST.DLL'
6611b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6621b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6631b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6641b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6651b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6671b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_709_for_KB3116900~31bf3856ad364e35~amd64~~10.0.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
6681b64.1b68: g_pfnWinVerifyTrust=00007ff83fa274d0
6691b64.1b68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
6701b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6711b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6721b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6731b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6741b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6751b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6761b64.1b68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
6771b64.1b68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
6781b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6791b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6801b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6811b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
6821b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6831b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6841b64.1b68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
6851b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6861b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6871b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6881b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6891b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
6901b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000374 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
6911b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
6921b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
6931b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=357A4685FBBF5E8A1472AE56D4B122532A042630
6941b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6951b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
6961b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
6971b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-ds-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
6981b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
6991b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
7001b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7011b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7021b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7031b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
7041b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7051b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7061b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7071b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
7081b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7091b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7101b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7111b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
7121b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7131b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7141b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7151b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
7161b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7171b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7181b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7191b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
7201b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7211b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7221b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
7231b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7241b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7251b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
7261b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
7271b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7281b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7291b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7301b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
7311b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7321b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7331b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
7341b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7351b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7361b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
7371b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7381b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7391b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
7401b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7411b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7421b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
7431b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7441b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7451b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
7461b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7471b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
7481b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7491b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe'
7501b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7511b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7521b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
7531b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7541b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7551b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
7561b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7571b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
7581b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
7591b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
7601b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
7611b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
7621b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
7631b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
7641b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
7651b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
7661b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xa9b7aebae6f9e100 CN=Surface4
7671b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
7681b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
7691b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
7701b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
7711b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
7721b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
7731b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
7741b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
7751b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
7761b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
7771b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
7781b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
7791b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
7801b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
7811b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
7821b64.1b68: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
7831b64.1b68: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=26
7841b64.1b68: SUPR3HardenedMain: Load Runtime...
7851b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7861b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
7871b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
7881b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
7891b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
7901b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
7911b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
7921b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7931b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7941b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
7951b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
7961b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
7971b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
7981b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
7991b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
8001b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
8011b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
8021b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8031b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8041b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8051b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8061b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
8071b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
8081b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8091b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
8101b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8121b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8131b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8141b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8151b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8161b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
8171b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
8181b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
8191b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
8201b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
8211b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8221b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8231b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8241b64.1b68: supR3HardenedDllNotificationCallback: load 0000000053150000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
8251b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8261b64.1b68: supR3HardenedDllNotificationCallback: load 0000000053230000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
8271b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
8281b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840a10000 LB 0x0006b000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
8291b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
8301b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81df60000 LB 0x00562000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
8311b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8321b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8331b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
8341b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8351b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8361b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8371b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8381b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8391b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8401b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8411b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8421b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8431b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8441b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8451b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8461b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8471b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8481b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8491b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8501b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8511b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8521b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8531b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8541b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8551b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8561b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8571b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8581b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8591b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8601b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8611b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8621b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8631b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8641b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8651b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8671b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8681b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8691b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8701b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8711b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8721b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8741b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8751b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8761b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8771b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
8781b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8791b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8801b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8811b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8821b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81df60000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8831b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fa20000 'C:\Windows\system32\Wintrust.dll'
8841b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
8851b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
8861b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
8871b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
8881b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
8891b64.1b68: SUPR3HardenedMain: Load TrustedMain...
8901b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
8911b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8921b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
8931b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
8941b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
8951b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
8961b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
8971b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
8981b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
8991b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
9001b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
9011b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
9021b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
9031b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
9041b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
9051b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
9061b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'comdlg32.dll'.
9071b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
9081b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
9091b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
9101b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
9111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
9121b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
9131b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
9141b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
9151b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
9161b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
9171b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
9181b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
9191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
9201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
9211b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume3\Windows\System32\comdlg32.dll
9221b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
9231b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
9241b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4A350A9728CCF9D9DA5C34E66C65B031F50EE801
9251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9261b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9271b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
9281b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
9291b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
9301b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
9311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9331b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
9341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
9351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
9361b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
9371b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
9381b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
9391b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
9401b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9421b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
9431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9451b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
9461b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
9471b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
9481b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
9491b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9501b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9511b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9521b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
9531b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
9541b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
9551b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9561b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9571b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'.
9581b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'.
9591b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
9601b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'.
9611b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'.
9621b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'firewallapi.dll'.
9631b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'netapi32.dll'.
9641b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll) WinVerifyTrust
9651b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
9661b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
9671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
9681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
9691b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008]
9701b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
9711b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9721b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\netapi32.dll)
9731b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\netapi32.dll
9741b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'firewallapi.dll'...
9751b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'firewallapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\firewallapi.dll' [rcNtRedir=0xc0150008]
9761b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll'.
9771b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9781b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
9791b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll)
9801b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll
9811b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
9821b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
9831b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
9841b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9851b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #65 'user32.dll'.
9861b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #67 'gdi32.dll'.
9871b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
9881b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
9891b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
9901b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
9911b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
9921b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
9931b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
9941b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
9951b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
9961b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
9971b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9981b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9991b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10001b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
10011b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
10021b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
10031b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10041b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'.
10051b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
10061b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
10071b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
10081b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10091b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10101b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10121b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10131b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10141b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10151b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10161b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10171b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10181b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10211b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10221b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10231b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10241b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10261b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10271b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10281b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10291b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
10301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10321b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10351b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10371b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10401b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
10411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10421b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10451b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
10461b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
10471b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10481b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
10491b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10501b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
10511b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
10521b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
10531b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
10541b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
10551b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
10561b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10571b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10581b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10591b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10601b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
10611b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10621b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
10631b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'bcryptprimitives.dll'.
10641b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
10651b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
10661b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
10691b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
10701b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
10711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10721b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10731b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10741b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10751b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
10761b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
10771b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10781b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
10791b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
10801b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
10811b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
10821b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
10831b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
10841b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10851b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10861b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [redoing WinVerifyTrust]
10871b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10881b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10891b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
10901b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10911b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10921b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10931b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10941b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10951b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10961b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10971b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10981b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10991b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11001b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
11011b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
11021b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
11031b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
11041b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11051b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11061b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
11071b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11081b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11091b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
11101b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
11111b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
11121b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
11131b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11141b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11151b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
11161b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
11171b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
11181b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
11191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
11201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
11211b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
11221b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11231b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11241b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
11261b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
11271b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
11281b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
11291b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
11301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
11311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
11321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11341b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
11361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
11371b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
11381b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
11391b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
11401b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
11411b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
11421b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11431b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11441b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
11451b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
11461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
11471b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
11481b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
11491b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
11501b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
11511b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
11521b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
11531b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
11541b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
11551b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
11561b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
11571b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
11581b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
11591b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
11601b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
11611b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
11621b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
11631b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
11641b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11651b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11661b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
11671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11691b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
11701b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
11711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
11721b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
11731b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11741b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
11751b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
11761b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
11771b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
11781b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
11791b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
11801b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
11811b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11821b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11831b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
11841b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
11851b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'.
11861b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11871b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
11881b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'.
11891b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'.
11901b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll)
11911b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll
11921b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
11931b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
11941b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
11951b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11961b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
11971b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
11981b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
11991b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
12001b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12011b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12021b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
12031b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12041b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12051b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12061b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12071b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12081b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12091b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12101b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12121b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12131b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
12141b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
12151b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
12161b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
12171b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12181b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12191b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
12201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12211b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12221b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12231b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12241b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12261b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12271b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
12281b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
12291b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
12301b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\winspool.drv'.
12311b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12321b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'.
12331b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)
12341b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
12351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
12361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
12371b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
12381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
12391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
12401b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
12411b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
12421b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
12431b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
12441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12461b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
12471b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
12481b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
12491b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
12501b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12511b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12521b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12531b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12541b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12551b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12561b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12571b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
12581b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
12591b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
12601b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
12611b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12621b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12631b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12641b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12651b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12661b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
12671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12691b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12701b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
12721b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
12731b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
12741b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12751b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12761b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12771b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12781b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
12791b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
12801b64.1b68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
12811b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12821b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12831b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
12841b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
12851b64.1b68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'.
12861b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12871b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
12881b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
12891b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll)
12901b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll
12911b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12921b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12931b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12941b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12951b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12961b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12971b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12981b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12991b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13001b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13011b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13021b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13031b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
13041b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13051b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
13061b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
13071b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
13081b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
13091b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
13101b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
13111b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
13121b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
13131b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
13141b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
13151b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
13161b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
13171b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) WinVerifyTrust
13181b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13201b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
13211b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13221b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13231b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13241b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13261b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
13271b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13281b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
13291b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
13301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13321b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
13331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13351b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
13361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13371b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13381b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
13391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13401b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13411b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
13421b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
13431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
13441b64.1b68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust]
13451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
13461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
13471b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
13481b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
13491b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
13501b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
13511b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13521b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13531b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
13541b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
13551b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
13561b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
13571b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13581b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13591b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
13601b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
13611b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13621b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13631b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
13641b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
13651b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
13661b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13681b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
13691b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
13701b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
13711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13721b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13731b64.1b68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
13741b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000500 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
13751b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
13761b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
13771b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A59A12801C3E68C49056D7AF56FE4F31F6CB06E1
13781b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
13791b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
13801b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
13811b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13821b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
13831b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
13841b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
13851b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
13861b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
13871b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [avoiding WinVerifyTrust]
13881b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
13891b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
13901b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
13911b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
13921b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll)
13931b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll
13941b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
13951b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
13961b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
13971b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
13981b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
13991b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14001b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14011b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\davhlpr.dll)
14021b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\davhlpr.dll
14031b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fd10000 LB 0x00156000 C:\Windows\system32\USER32.dll [fFlags=0x0]
14041b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fe70000 LB 0x00186000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
14051b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff822c50000 LB 0x00008000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
14061b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
14071b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81d6d0000 LB 0x000fa000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0]
14081b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
14091b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81dc50000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
14101b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
14111b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81c710000 LB 0x00129000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
14121b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
14131b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840190000 LB 0x0027d000 C:\Windows\system32\combase.dll [fFlags=0x0]
14141b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
14151b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff8408a0000 LB 0x00143000 C:\Windows\system32\ole32.dll [fFlags=0x0]
14161b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
14171b64.1b68: supR3HardenedDllNotificationCallback: load 0000000052e70000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
14181b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14191b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fa80000 LB 0x000b5000 C:\Windows\system32\shcore.dll [fFlags=0x0]
14201b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14211b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
14221b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
14231b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
14241b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
14251b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840020000 LB 0x00052000 C:\Windows\system32\shlwapi.dll [fFlags=0x0]
14261b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
14271b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81db30000 LB 0x000aa000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\COMCTL32.dll [fFlags=0x0]
14281b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll [avoiding WinVerifyTrust]
14291b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83f9d0000 LB 0x00043000 C:\Windows\system32\cfgmgr32.dll [fFlags=0x0]
14301b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
14311b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
14321b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83efa0000 LB 0x0000f000 C:\Windows\system32\kernel.appcore.dll [fFlags=0x0]
14331b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'.
14341b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
14351b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
14361b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
14371b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83ef30000 LB 0x0004b000 C:\Windows\system32\powrprof.dll [fFlags=0x0]
14381b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14391b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
14401b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
14411b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
14421b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83efc0000 LB 0x00644000 C:\Windows\system32\windows.storage.dll [fFlags=0x0]
14431b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14441b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
14451b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'combase.dll'.
14461b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'profapi.dll'.
14471b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
14481b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
14491b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840b30000 LB 0x0155f000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
14501b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
14511b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fb40000 LB 0x00086000 C:\Windows\system32\FirewallAPI.dll [fFlags=0x0]
14521b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll [avoiding WinVerifyTrust]
14531b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83fcf0000 LB 0x00017000 C:\Windows\system32\NETAPI32.dll [fFlags=0x0]
14541b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll [avoiding WinVerifyTrust]
14551b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff826d70000 LB 0x0000c000 C:\Windows\SYSTEM32\DAVHLPR.DLL [fFlags=0x0]
14561b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\davhlpr.dll [avoiding WinVerifyTrust]
14571b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840080000 LB 0x0010b000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
14581b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
14591b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff842200000 LB 0x000c1000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
14601b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
14611b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff8422e0000 LB 0x0003b000 C:\Windows\system32\IMM32.dll [fFlags=0x0]
14621b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
14631b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83d680000 LB 0x0002c000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
14641b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
14651b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83d6e0000 LB 0x00023000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
14661b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
14671b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff822170000 LB 0x00084000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
14681b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
14691b64.1b68: supR3HardenedDllNotificationCallback: load 0000000052500000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
14701b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [avoiding WinVerifyTrust]
14711b64.1b68: supR3HardenedDllNotificationCallback: load 0000000052420000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
14721b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
14731b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81c840000 LB 0x00abe000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
14741b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
14751b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
14761b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
14771b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
14781b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
14791b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
14801b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
14811b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
14821b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
14831b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
14841b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
14851b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\davhlpr.dll'.
14861b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\davhlpr.dll' [rescheduled]
14871b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll'.
14881b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll' [rescheduled]
14891b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'.
14901b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rescheduled]
14911b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
14921b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
14931b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\winspool.drv'.
14941b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rescheduled]
14951b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
14961b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
14971b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'.
14981b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rescheduled]
14991b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
15001b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll' [rescheduled]
15011b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15021b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
15031b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
15041b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
15051b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
15061b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rescheduled]
15071b64.1b68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll'.
15081b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll' [rescheduled]
15091b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
15101b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rescheduled]
15111b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
15121b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
15131b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust]
15141b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
15151b64.1b68: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll
15161b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
15171b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
15181b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
15191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15211b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
15221b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15231b64.1b68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
15241b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15261b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15271b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15281b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15291b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15371b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15381b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
15391b64.1b68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
15401b64.1b68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
15411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15421b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15471b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15481b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15491b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15501b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15511b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15521b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15531b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
15541b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15551b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8422e0000 'C:\Windows\system32\imm32.dll'
15561b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15571b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
15581b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\fwbase.dll)
15591b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\fwbase.dll
15601b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83dcb0000 LB 0x00032000 C:\Windows\SYSTEM32\fwbase.dll [fFlags=0x0]
15611b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\fwbase.dll [avoiding WinVerifyTrust]
15621b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c840000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
15631b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005e0 pwszName=\Device\HarddiskVolume3\Windows\System32\fwbase.dll
15641b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
15651b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
15661b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6E4D167517C7EAF637013768F544E99C63255E3F
15671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15691b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
15701b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15721b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
15731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
15741b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Network-Security-MPSSVC-net-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\fwbase.dll'
15751b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15761b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\fwbase.dll'
15771b64.1b68: SUPR3HardenedMain: Calling TrustedMain (00007ff81c8410d0)...
15781b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
15791b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15801b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
15811b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000608 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
15821b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
15831b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
15841b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4F9BD6CD3F872DBBFCD5F712A95134C3D7F47679
15851b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
15861b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
15871b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
15881b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15891b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15901b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
15911b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
15921b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
15931b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
15941b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15951b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15961b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15971b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15981b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15991b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16001b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
16011b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16021b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83d8b0000 LB 0x00096000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
16031b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16041b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d8b0000 'C:\Windows\system32\uxtheme.dll'
16051b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff840410000 LB 0x0015a000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
16061b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16071b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
16081b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
16091b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'.
16101b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
16111b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
16121b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
16131b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
16141b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
16151b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16161b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16171b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
16181b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16211b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16221b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
16231b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
16241b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
16251b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000658 pwszName=\Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
16261b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
16271b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
16281b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00B1D22BEE028A00D326866A2ACFB5C55928321B
16291b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
16301b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
16311b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
16321b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16331b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16341b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
16351b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'user32.dll'.
16361b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll) WinVerifyTrust
16371b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
16381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16401b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16421b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16441b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
16451b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
16461b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82c270000 LB 0x000a3000 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll [fFlags=0x0]
16471b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
16481b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82c270000 'C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
16491b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16501b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
16511b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'.
16521b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
16531b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
16541b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83c8c0000 LB 0x00022000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
16551b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
16561b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000670 pwszName=\Device\HarddiskVolume3\Windows\System32\dwmapi.dll
16571b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
16581b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
16591b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A8900DBF59D51D3F67CECDDA4ED1690DFAAE4945
16601b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16611b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16621b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16631b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16641b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16651b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
16671b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
16681b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Composition-Core-windows-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
16691b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16701b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
16711b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
16721b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840b30000 'C:\Windows\system32\shell32.dll'
16741b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16751b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16761b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32\kernel32.dll'
16771b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16781b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16791b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d8b0000 'C:\Windows\system32\uxtheme.dll'
16801b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16811b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16821b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d8b0000 'C:\Windows\system32\uxtheme.dll'
16831b64.1b68: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
16841b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16851b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
16861b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fd10000 'C:\Windows\system32\user32.dll'
16871b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
16881b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16891b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d8b0000 'C:\Windows\system32\uxtheme.dll'
16901b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fd10000 'C:\Windows\system32\user32.dll'
16911b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
16921b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16931b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840a80000 'C:\Windows\system32\advapi32.dll'
16941b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
16951b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
16961b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16971b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
16981b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
16991b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
17001b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
17011b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
17021b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
17031b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
17041b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17051b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17061b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17071b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17081b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
17091b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17101b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
17111b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83e6f0000 LB 0x0001f000 C:\Windows\system32\userenv.dll [fFlags=0x0]
17121b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
17131b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e6f0000 'C:\Windows\system32\userenv.dll'
17141b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
17151b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17161b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32\kernel32.dll'
17171b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff842860000 LB 0x000a7000 C:\Windows\system32\clbcatq.dll [fFlags=0x0]
17181b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17191b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
17201b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
17211b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
17221b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17231b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17241b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17251b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17261b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
17271b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
17281b64.1bb0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
17291b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
17301b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17311b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
17321b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
17331b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
17341b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
17351b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
17361b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
17371b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
17381b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
17391b64.1bb0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
17401b64.1bb0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17411b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17421b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17431b64.1bb0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17441b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17451b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17461b64.1bb0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
17471b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17481b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17491b64.1bb0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
17501b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
17511b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
17521b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
17531b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
17541b64.1bb0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17551b64.1bb0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll) WinVerifyTrust
17561b64.1bb0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
17571b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17581b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17591b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17601b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17611b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
17621b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
17631b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17641b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17651b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
17661b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
17671b64.1bb0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
17681b64.1bb0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
17691b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17701b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17711b64.1bb0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
17721b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17731b64.1bb0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17741b64.1bb0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17751b64.1bb0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17761b64.1bb0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17771b64.1bb0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
17781b64.1bb0: supR3HardenedDllNotificationCallback: load 00007ff8422d0000 LB 0x00008000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
17791b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
17801b64.1bb0: supR3HardenedDllNotificationCallback: load 00007ff82e0a0000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [fFlags=0x0]
17811b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
17821b64.1bb0: supR3HardenedDllNotificationCallback: load 00007ff81c130000 LB 0x005d8000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
17831b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
17841b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c130000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
17851b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17861b64.1bb0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17871b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842200000 'C:\Windows\System32\oleaut32.dll'
17881b64.1bb0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sxs.dll)
17891b64.1bb0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sxs.dll
17901b64.1bb0: supR3HardenedDllNotificationCallback: load 00007ff83edf0000 LB 0x00099000 C:\Windows\SYSTEM32\sxs.dll [fFlags=0x0]
17911b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sxs.dll [avoiding WinVerifyTrust]
17921b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
17931b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
17941b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sxs.dll'
17951b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17961b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17971b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842200000 'C:\Windows\system32\OLEAUT32.dll'
17981b64.1b68: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
17991b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18001b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
18011b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fe70000 'C:\Windows\system32\gdi32.dll'
18021b64.1ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18031b64.1ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18041b64.1ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18051b64.1ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
18061b64.1ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
18071b64.1ba4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
18081b64.1ba4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
18091b64.1ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
18101b64.1ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
18111b64.1ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18121b64.1ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18131b64.1ba4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18141b64.1ba4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
18151b64.1ba4: supR3HardenedDllNotificationCallback: load 00007ff822c40000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
18161b64.1ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
18171b64.1ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff822c40000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
18181b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fd10000 'C:\Windows\system32\user32.dll'
18191b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
18201b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18211b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840b30000 'C:\Windows\system32\shell32.dll'
18221b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
18231b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
18241b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
18251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
18261b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
18271b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
18281b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
18291b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
18301b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
18311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
18321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
18331b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
18341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
18351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
18361b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
18371b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
18381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
18391b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
18401b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
18411b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
18421b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
18431b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
18461b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
18471b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
18481b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
18491b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'.
18501b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
18511b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
18521b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shlwapi.dll'.
18531b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
18541b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)
18551b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
18561b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18571b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18581b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
18591b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18601b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
18611b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
18621b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
18631b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
18641b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18651b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18671b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
18681b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18691b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'
18701b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume3\Windows\System32\apphelp.dll
18711b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
18721b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
18731b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7D6CF34D1A960395AC5BAC8C12C55BA05EAF6211
18741b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18751b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
18761b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-base~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\apphelp.dll'
18771b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18781b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll) WinVerifyTrust
18791b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
18801b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
18811b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll
18821b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83ce60000 LB 0x00079000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
18831b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll
18841b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83ce60000 'C:\Windows\system32\apphelp.dll'
18851b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b20 pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
18861b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
18871b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
18881b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=75640CA57CB5630DA16BB2F35FAEDB2EAB5C3525
18891b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
18901b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
18911b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
18921b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18931b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18941b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
18951b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'.
18961b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'.
18971b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'.
18981b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
18991b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
19001b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
19011b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
19021b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19031b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19041b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19051b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll) WinVerifyTrust
19061b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
19071b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
19081b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
19091b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
19101b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19121b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19131b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19141b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19151b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19161b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'dxgi.dll'.
19171b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll) WinVerifyTrust
19181b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
19191b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19201b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19211b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
19221b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
19231b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
19241b64.1b68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
19251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19261b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
19271b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll)
19281b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
19291b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19311b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19341b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19351b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19361b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19371b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
19381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
19391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
19401b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [redoing WinVerifyTrust]
19411b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19421b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19431b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
19441b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19451b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19461b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
19471b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
19481b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
19491b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
19501b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
19511b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83c440000 LB 0x000a2000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
19521b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
19531b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83c500000 LB 0x002a8000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
19541b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
19551b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83ca70000 LB 0x000e3000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
19561b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
19571b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82b5b0000 LB 0x0004a000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
19581b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
19591b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82b5b0000 'C:\Windows\system32\dataexchange.dll'
19601b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19611b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19621b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'
19631b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19641b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcrypt.dll'.
19651b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
19661b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
19671b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
19681b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
19691b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83da50000 LB 0x00100000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
19701b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
19711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19721b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19731b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
19741b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19751b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19761b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
19771b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
19781b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
19791b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19801b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19811b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19821b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19831b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
19841b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
19851b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
19861b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840410000 'C:\Windows\system32\MSCTF.dll'
19871b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
19881b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19891b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8408a0000 'C:\Windows\system32\ole32.dll'
19901b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
19911b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19921b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842200000 'C:\Windows\system32\OLEAUT32.dll'
19931b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bf0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
19941b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
19951b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
19961b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3488B506C76AED41BC3048EF4C38C6A11D8B3CC4
19971b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
19981b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
19991b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-WinMgmt-admin-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
20001b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20011b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20021b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
20031b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
20041b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
20051b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
20061b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
20071b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
20081b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bc0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
20091b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
20101b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
20111b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D0F5B8FB82A59EE0D6149941C8198202D2D48FDA
20121b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
20131b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
20141b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-WinMgmt-admin-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
20151b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20161b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20171b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'bcrypt.dll'.
20181b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'ws2_32.dll'.
20191b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
20201b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
20211b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20221b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
20231b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
20241b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20251b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20261b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20271b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
20281b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
20291b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
20301b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
20311b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
20321b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20331b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20341b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20351b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
20361b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
20371b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83aef0000 LB 0x0007f000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
20381b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
20391b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83af70000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
20401b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
20411b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20421b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f610000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
20431b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83af70000 'C:\Windows\system32\wbem\wbemprox.dll'
20441b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ba4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
20451b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
20461b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
20471b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9CE21DDF09B1BCCF1977CBD665E28F9BA3B97D79
20481b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
20491b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
20501b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-WinMgmt-admin-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
20511b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20521b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20531b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
20541b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
20551b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
20561b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20571b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20581b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20591b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20601b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20611b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
20621b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83a910000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
20631b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
20641b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83a910000 'C:\Windows\system32\wbem\wbemsvc.dll'
20651b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20661b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f610000 'api-ms-win-core-localization-l1-2-0.dll'
20671b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20681b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f610000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
20691b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c28 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
20701b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
20711b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
20721b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFD9E9630890EA6E6C472D5579966609C56F9EFD
20731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
20741b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
20751b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-WinMgmt-admin-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
20761b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20771b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20781b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
20791b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
20801b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
20811b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
20821b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
20831b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
20841b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20851b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20861b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20871b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
20881b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff83a930000 LB 0x000f6000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
20891b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
20901b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83a930000 'C:\Windows\system32\wbem\fastprox.dll'
20911b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cc4 pwszName=\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
20921b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
20931b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
20941b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EA102CB2AA5069DA412B46D68D4B5654BC4814B7
20951b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
20961b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
20971b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_101_for_KB3116900~31bf3856ad364e35~amd64~~10.0.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll'
20981b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20991b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21001b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
21011b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
21021b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'userenv.dll'.
21031b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll) WinVerifyTrust
21041b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
21051b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
21061b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
21071b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
21081b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21091b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21101b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21111b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21121b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
21131b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21141b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21151b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\uiautomationcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21161b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
21171b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82c7b0000 LB 0x0015c000 C:\Windows\System32\uiautomationcore.dll [fFlags=0x0]
21181b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
21191b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82c7b0000 'C:\Windows\System32\uiautomationcore.dll'
21201b64.1bb0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
21211b64.1bb0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\UIAutomationCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21221b64.1bb0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82c7b0000 'C:\Windows\System32\UIAutomationCore.dll'
21231b64.16e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21241b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21251b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
21261b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'user32.dll'.
21271b64.1b68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\oleacc.dll)
21281b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleacc.dll
21291b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff82bcf0000 LB 0x0006a000 C:\Windows\System32\OLEACC.dll [fFlags=0x0]
21301b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll [avoiding WinVerifyTrust]
21311b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bd0 pwszName=\Device\HarddiskVolume3\Windows\System32\oleacc.dll
21321b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
21331b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
21341b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80AF08EAAA3B466CA568E746F092AFB1B8A2E6EE
21351b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21361b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21371b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21381b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21391b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21401b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21411b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21421b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
21431b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\oleacc.dll'
21441b64.1b68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21451b64.1b68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\oleacc.dll'
21461b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842200000 'C:\Windows\system32\OLEAUT32.DLL'
21471b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
21481b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21491b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82bcf0000 'C:\Windows\system32\oleacc.dll'
21501b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21511b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
21521b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
21531b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
21541b64.16e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
21551b64.16e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21561b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21571b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21581b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
21591b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
21601b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qtguivbox4.dll'.
21611b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
21621b64.1b68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
21631b64.1b68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll) WinVerifyTrust
21641b64.1b68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
21651b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21661b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21671b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
21681b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
21691b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
21701b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
21711b64.1b68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
21721b64.1b68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
21731b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21741b64.16e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21751b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
21761b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
21771b64.16e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
21781b64.16e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
21791b64.16e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
21801b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21811b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21821b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21831b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21841b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
21851b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
21861b64.16e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21871b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21881b64.16e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21891b64.16e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21901b64.16e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21911b64.16e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
21921b64.16e0: supR3HardenedDllNotificationCallback: load 0000000052310000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
21931b64.16e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
21941b64.16e0: supR3HardenedDllNotificationCallback: load 00007ff81fd40000 LB 0x0029c000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
21951b64.16e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21961b64.16e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81fd40000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
21971b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
21981b64.1b68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
21991b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22001b64.1b68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
22011b64.1b68: supR3HardenedDllNotificationCallback: load 00007ff81d800000 LB 0x0003b000 C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll [fFlags=0x0]
22021b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll
22031b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81d800000 'C:\Program Files\Oracle\VirtualBox\accessible\qtaccessiblewidgets4.dll'
22041b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
22051b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22061b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82bcf0000 'C:\Windows\System32\oleacc.dll'
22071b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
22081b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22091b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8408a0000 'C:\Windows\system32\ole32.dll'
22101b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
22111b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22121b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82c270000 'C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll'
22131b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ndis.sys'.
22141b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ntoskrnl.exe'.
22151b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetAdp6.sys)
22161b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetAdp6.sys
22171b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetAdp6.sys [avoiding WinVerifyTrust]
22181b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22191b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
22201b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
22211b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetLwf.sys)
22221b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetLwf.sys
22231b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
22241b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22251b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSBMon.sys)
22261b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSBMon.sys
22271b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
22281b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22291b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\VBoxDrv.sys)
22301b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxDrv.sys
22311b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
22321b64.dc0: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxMouse.sys: Owner is administrators group.
22331b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22341b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\VBoxMouse.sys)
22351b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\VBoxMouse.sys
22361b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\VBoxMouse.sys [avoiding WinVerifyTrust]
22371b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22381b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22391b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe'.
22401b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'hal.dll'.
22411b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'pshed.dll'.
22421b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'bootvid.dll'.
22431b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'kdcom.dll'.
22441b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ci.dll'.
22451b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'msrpc.sys'.
22461b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe)
22471b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe
22481b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22491b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22501b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
22511b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22521b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22531b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
22541b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
22551b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
22561b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\drivers\netio.sys'.
22571b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22581b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
22591b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
22601b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\netio.sys)
22611b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\netio.sys
22621b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
22631b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
22641b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys'.
22651b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22661b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
22671b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
22681b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'wpprecorder.sys'.
22691b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys)
22701b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys
22711b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22721b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22731b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
22741b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22751b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22761b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
22771b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
22781b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
22791b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys [lacks WinVerifyTrust]
22801b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wpprecorder.sys'...
22811b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wpprecorder.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\wpprecorder.sys' [rcNtRedir=0xc0150008]
22821b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\drivers\WppRecorder.sys'.
22831b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22841b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\WppRecorder.sys)
22851b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\WppRecorder.sys
22861b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
22871b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
22881b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\netio.sys [lacks WinVerifyTrust]
22891b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
22901b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume3\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
22911b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\hal.dll'.
22921b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
22931b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
22941b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
22951b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\hal.dll)
22961b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\hal.dll
22971b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
22981b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
22991b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23001b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
23011b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
23021b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\drivers\msrpc.sys'.
23031b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
23041b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\drivers\msrpc.sys)
23051b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\drivers\msrpc.sys
23061b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
23071b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
23081b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys [lacks WinVerifyTrust]
23091b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23101b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23111b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23121b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
23131b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msrpc.sys'
23141b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
23151b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume3\Windows\System32\ci.dll' [rcNtRedir=0xc0150008]
23161b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\ci.dll'.
23171b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
23181b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
23191b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ci.dll)
23201b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ci.dll
23211b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
23221b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume3\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
23231b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kdcom.dll'.
23241b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
23251b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
23261b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kdcom.dll)
23271b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kdcom.dll
23281b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bootvid.dll'...
23291b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bootvid.dll' -> '\Device\HarddiskVolume3\Windows\System32\bootvid.dll' [rcNtRedir=0xc0150008]
23301b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\BOOTVID.DLL'.
23311b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
23321b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\BOOTVID.DLL)
23331b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\BOOTVID.DLL
23341b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
23351b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume3\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
23361b64.afc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\PSHED.DLL'.
23371b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
23381b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
23391b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\PSHED.DLL)
23401b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\PSHED.DLL
23411b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
23421b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume3\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
23431b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\hal.dll [lacks WinVerifyTrust]
23441b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
23451b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume3\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
23461b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\hal.dll [lacks WinVerifyTrust]
23471b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23481b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23491b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23501b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23511b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23521b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23531b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
23541b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume3\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
23551b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\hal.dll [lacks WinVerifyTrust]
23561b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23571b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23581b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23591b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
23601b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume3\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
23611b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\hal.dll [lacks WinVerifyTrust]
23621b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23631b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23641b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23651b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23661b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23671b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23681b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
23691b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume3\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
23701b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\PSHED.DLL [lacks WinVerifyTrust]
23711b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
23721b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume3\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
23731b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kdcom.dll [lacks WinVerifyTrust]
23741b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23751b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23761b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23771b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
23781b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
23791b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
23801b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23811b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\VBoxMouse.sys'
23821b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23831b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\VBoxDrv.sys'
23841b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23851b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSBMon.sys'
23861b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23871b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetLwf.sys'
23881b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23891b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\VBoxNetAdp6.sys'
23901b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23911b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
23921b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\PSHED.DLL'
23931b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23941b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
23951b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\BOOTVID.DLL'
23961b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
23971b64.afc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
23981b64.afc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23991b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24001b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kdcom.dll'
24011b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24021b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24031b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ci.dll'
24041b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24051b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24061b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\msrpc.sys'
24071b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24081b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24091b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\hal.dll'
24101b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24111b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24121b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\WppRecorder.sys'
24131b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24141b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24151b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\ndis.sys'
24161b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24171b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24181b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\drivers\netio.sys'
24191b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24201b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
24211b64.afc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntoskrnl.exe'
24221b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24231b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24241b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
24251b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24261b64.afc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
24271b64.afc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
24281b64.afc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
24291b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24301b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24311b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24321b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24331b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24341b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
24351b64.afc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24361b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24371b64.afc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24381b64.afc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24391b64.afc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
24401b64.afc: supR3HardenedDllNotificationCallback: load 00007ff831f60000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
24411b64.afc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
24421b64.afc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831f60000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
24431b64.1838: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24441b64.1838: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24451b64.1838: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
24461b64.1838: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24471b64.1838: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
24481b64.1838: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
24491b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24501b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24511b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
24521b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
24531b64.1838: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
24541b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24551b64.1838: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24561b64.1838: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24571b64.1838: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
24581b64.1838: supR3HardenedDllNotificationCallback: load 00007ff831f50000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
24591b64.1838: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
24601b64.1838: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831f50000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
24611b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
24621b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24631b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24641b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
24651b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24661b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
24671b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
24681b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
24691b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
24701b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
24711b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll) WinVerifyTrust
24721b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
24731b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24741b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24751b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24761b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24771b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24781b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24791b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24801b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
24811b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll' [rcNtRedir=0xc0150008]
24821b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
24831b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24841b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
24851b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24861b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
24871b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
24881b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
24891b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll) WinVerifyTrust
24901b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
24911b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
24921b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
24931b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
24941b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24951b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24961b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
24971b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
24981b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
24991b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25001b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25011b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
25021b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25031b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25041b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25051b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
25061b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25071b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25081b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25091b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25101b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
25111b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
25121b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
25131b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25141b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25151b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25161b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
25171b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
25181b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
25191b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff8308b0000 LB 0x00034000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [fFlags=0x0]
25201b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
25211b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff830850000 LB 0x00028000 C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll [fFlags=0x0]
25221b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
25231b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff830490000 LB 0x0012c000 C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL [fFlags=0x0]
25241b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
25251b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830490000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
25261b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
25271b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25281b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830850000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
25291b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25301b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25311b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
25321b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll) WinVerifyTrust
25331b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
25341b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
25351b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
25361b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
25371b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25381b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25391b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25401b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
25411b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff8306f0000 LB 0x0001a000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll [fFlags=0x0]
25421b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
25431b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8306f0000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
25441b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
25451b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25461b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32/opengl32.dll'
25471b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
25481b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25491b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
25501b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fe70000 'C:\Windows\system32\gdi32.dll'
25511b64.18a4: \Device\HarddiskVolume3\Windows\System32\ig9icd64.dll: Owner is administrators group.
25521b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e1c pwszName=\Device\HarddiskVolume3\Windows\System32\ig9icd64.dll
25531b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
25541b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
25551b64.1b68: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll' [redir]
25561b64.1b68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll [redoing WinVerifyTrust]
25571b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25581b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
25591b64.1b68: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll'
25601b64.1b68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25611b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81db30000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll'
25621b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97A1A9CE92D4D8D711DC45D464431928BA9239C3
25631b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25641b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem64.cat'; file='\Device\HarddiskVolume3\Windows\System32\ig9icd64.dll'
25651b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25661b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'shell32.dll'.
25671b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'opengl32.dll'.
25681b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
25691b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
25701b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
25711b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'igc64.dll'.
25721b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wtsapi32.dll'.
25731b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
25741b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ig9icd64.dll) WinVerifyTrust
25751b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ig9icd64.dll
25761b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
25771b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
25781b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
25791b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
25801b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wtsapi32.dll' [rcNtRedir=0xc0150008]
25811b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25821b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
25831b64.18a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25841b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wtsapi32.dll) WinVerifyTrust
25851b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
25861b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'igc64.dll'...
25871b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'igc64.dll' -> '\Device\HarddiskVolume3\Windows\System32\igc64.dll' [rcNtRedir=0xc0150008]
25881b64.18a4: \Device\HarddiskVolume3\Windows\System32\igc64.dll: Owner is administrators group.
25891b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25901b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25911b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25921b64.18a4: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume3\Windows\System32\igc64.dll'
25931b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e68 pwszName=\Device\HarddiskVolume3\Windows\System32\igc64.dll
25941b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
25951b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
25961b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=64AFA14DBEA7B5DCCE24086CCFE29584BF8D4368
25971b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
25981b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem64.cat'; file='\Device\HarddiskVolume3\Windows\System32\igc64.dll'
25991b64.18a4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
26001b64.18a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\igc64.dll) WinVerifyTrust
26011b64.18a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\igc64.dll
26021b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26031b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
26041b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26051b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
26061b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26071b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26081b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
26091b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
26101b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
26111b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
26121b64.18a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
26131b64.18a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
26141b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig9icd64.dll (Input=ig9icd64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26151b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig9icd64.dll
26161b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\igc64.dll
26171b64.18a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
26181b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff836e40000 LB 0x00e6c000 C:\Windows\SYSTEM32\igc64.dll [fFlags=0x0]
26191b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\igc64.dll
26201b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff83d440000 LB 0x00013000 C:\Windows\SYSTEM32\WTSAPI32.dll [fFlags=0x0]
26211b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
26221b64.18a4: supR3HardenedDllNotificationCallback: load 00007ff819680000 LB 0x00cea000 C:\Windows\system32\ig9icd64.dll [fFlags=0x0]
26231b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig9icd64.dll
26241b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff819680000 'C:\Windows\system32\ig9icd64.dll'
26251b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fe70000 'C:\Windows\system32\gdi32.dll'
26261b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26271b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26281b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26291b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26301b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26311b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26321b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26331b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
26341b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26351b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82e0a0000 'C:\Windows\system32\version.dll'
26361b64.18a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
26371b64.18a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26381b64.18a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c710000 'C:\Windows\system32\OPENGL32.dll'
26391b64.18fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
26401b64.18fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26411b64.18fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26421b64.18fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26431b64.18fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
26441b64.18fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26451b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26461b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26471b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26481b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
26491b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26501b64.18fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26511b64.18fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26521b64.18fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26531b64.18fc: supR3HardenedDllNotificationCallback: load 00007ff831f40000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
26541b64.18fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26551b64.18fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831f40000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
26561b64.2d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
26571b64.2d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26581b64.2d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26591b64.2d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26601b64.2d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
26611b64.2d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26621b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26631b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26641b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26651b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
26661b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26671b64.2d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26681b64.2d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26691b64.2d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26701b64.2d8: supR3HardenedDllNotificationCallback: load 00007ff830830000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
26711b64.2d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26721b64.2d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830830000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
26731b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
26741b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26751b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff840b30000 'C:\Windows\system32/Shell32.dll'
26761b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26771b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26781b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81fd40000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
26791b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
26801b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26811b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26821b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
26831b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
26841b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
26851b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
26861b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
26871b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26881b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
26891b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26901b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
26911b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26921b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26931b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26941b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26951b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26961b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26971b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26981b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
26991b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff8306b0000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
27001b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
27011b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8306b0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
27021b64.dc0: supR3HardenedDllNotificationCallback: Unload 00007ff8306b0000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
27031b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27041b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27051b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27061b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27071b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27081b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
27091b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
27101b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
27111b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
27121b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
27131b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
27141b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
27151b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
27161b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
27171b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
27181b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
27191b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27201b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
27211b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
27221b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
27231b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27241b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
27251b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
27261b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
27271b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
27281b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
27291b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
27301b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27311b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
27321b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'cfgmgr32.dll'.
27331b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
27341b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
27351b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
27361b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
27371b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27381b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27391b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
27401b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
27411b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
27421b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27431b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27441b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27451b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27461b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
27471b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
27481b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
27491b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27501b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27511b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27521b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27531b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
27541b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
27551b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
27561b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
27571b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27581b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27591b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27601b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27611b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27621b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27631b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27641b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27651b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27661b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27671b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
27681b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
27691b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
27701b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
27711b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
27721b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
27731b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27741b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27751b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27761b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27771b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27781b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27791b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27801b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27811b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27821b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
27831b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume3\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
27841b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f90 pwszName=\Device\HarddiskVolume3\Windows\System32\newdev.dll
27851b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
27861b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
27871b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=668FD39FDE68075AB44D78A92AF8BD445DF77C1A
27881b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
27891b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
27901b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-base~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\newdev.dll'
27911b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27921b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27931b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
27941b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
27951b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'uxtheme.dll'.
27961b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'cfgmgr32.dll'.
27971b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'setupapi.dll'.
27981b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\newdev.dll) WinVerifyTrust
27991b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\newdev.dll
28001b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
28011b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
28021b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
28031b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28041b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28051b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28061b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28071b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28081b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28091b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
28101b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
28111b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
28121b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
28131b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
28141b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [redoing WinVerifyTrust]
28151b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28161b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
28171b64.dc0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
28181b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
28191b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
28201b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
28211b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
28221b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
28231b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28241b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28251b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28261b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28271b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28281b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
28291b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28301b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28311b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
28321b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\newdev.dll
28331b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28341b64.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\devrtl.dll)
28351b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devrtl.dll
28361b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff842430000 LB 0x00429000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
28371b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
28381b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff834670000 LB 0x00013000 C:\Windows\SYSTEM32\devrtl.DLL [fFlags=0x0]
28391b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
28401b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff822f60000 LB 0x00082000 C:\Windows\SYSTEM32\newdev.dll [fFlags=0x0]
28411b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\newdev.dll
28421b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff81d840000 LB 0x00061000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
28431b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28441b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff8306b0000 LB 0x00035000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
28451b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28461b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83c0a0000 LB 0x00038000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
28471b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
28481b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff818d90000 LB 0x008e5000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
28491b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
28501b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff818d90000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
28511b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f5c pwszName=\Device\HarddiskVolume3\Windows\System32\devrtl.dll
28521b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
28531b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
28541b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9566730BDA7E6EB3E1397940D3DD3BA80C5317F3
28551b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28561b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28571b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28581b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
28591b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-base~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
28601b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28611b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
28621b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28631b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28641b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28651b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28661b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff830670000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
28671b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28681b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830670000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
28691b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28701b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
28711b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28721b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c130000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
28731b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28741b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28751b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28761b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8306b0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
28771b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28781b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28791b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28801b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28811b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
28821b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
28831b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28841b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28851b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28861b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28871b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28881b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
28891b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff830470000 LB 0x0001f000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
28901b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
28911b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830470000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
28921b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28931b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
28941b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28951b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28961b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
28971b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
28981b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28991b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29001b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29011b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29021b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29031b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
29041b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff830450000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
29051b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
29061b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830450000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
29071b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29081b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29091b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29101b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29111b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
29121b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
29131b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29141b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29151b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29161b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29171b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29181b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
29191b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff830430000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
29201b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
29211b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830430000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
29221b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29231b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29241b64.1878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
29251b64.1878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29261b64.1878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29271b64.1878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29281b64.1878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29291b64.1878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29301b64.1878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
29311b64.1878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29321b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29331b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29341b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29351b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
29361b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29371b64.1878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29381b64.1878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29391b64.1878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29401b64.1878: supR3HardenedDllNotificationCallback: load 00007ff830600000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
29411b64.1878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29421b64.1878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830600000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
29431b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29441b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
29451b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29461b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29471b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
29481b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
29491b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
29501b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
29511b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
29521b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29531b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
29541b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
29551b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
29561b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29571b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29581b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29591b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29601b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29611b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29621b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29631b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
29641b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff81c060000 LB 0x000c4000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
29651b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
29661b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81c060000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
29671b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
29681b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29691b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83c0a0000 'C:\Windows\system32/Iphlpapi.dll'
29701b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
29711b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
29721b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)
29731b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
29741b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff840010000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
29751b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
29761b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
29771b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83afd0000 LB 0x0000b000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
29781b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
29791b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
29801b64.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)
29811b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
29821b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83afb0000 LB 0x00016000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
29831b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
29841b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
29851b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
29861b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
29871b64.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)
29881b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
29891b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83af90000 LB 0x0001a000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
29901b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
29911b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010cc pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
29921b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
29931b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
29941b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1B252225ADEF97FEC2943324DF61B5FDC9AB3A05
29951b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
29961b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
29971b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
29981b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29991b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
30001b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
30011b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30021b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30031b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30041b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30051b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
30061b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
30071b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
30081b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30091b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30101b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30111b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30121b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-minio-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
30131b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30141b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
30151b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010c0 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
30161b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
30171b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
30181b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C2FEBD2E98F4EB4C528973059B9FC09175BAA914
30191b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30201b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30211b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-minio-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
30221b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30231b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
30241b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30251b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30261b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
30271b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30281b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30291b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
30301b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001144 pwszName=\Device\HarddiskVolume3\Windows\System32\dsound.dll
30311b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
30321b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
30331b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5C46CF6D8C425A34B7EDE4E8FD0F2E4A8182CBB1
30341b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30351b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30361b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SKU-Foundation-Package-avcore-noindeo-Group-avcore-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dsound.dll'
30371b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30381b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30391b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'advapi32.dll'.
30401b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
30411b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'winmm.dll'.
30421b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dsound.dll) WinVerifyTrust
30431b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dsound.dll
30441b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
30451b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
30461b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
30471b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30481b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30491b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30501b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30511b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30521b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30531b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30541b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
30551b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff830390000 LB 0x0009c000 C:\Windows\system32\dsound.dll [fFlags=0x0]
30561b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
30571b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
30581b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30591b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830390000 'C:\Windows\system32\dsound.dll'
30601b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830390000 'C:\Windows\system32/dsound.dll'
30611b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30621b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30631b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30641b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
30651b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
30661b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'.
30671b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
30681b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
30691b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
30701b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
30711b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30721b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30731b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30741b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
30751b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
30761b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll) WinVerifyTrust
30771b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
30781b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
30791b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
30801b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30811b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30821b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
30831b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
30841b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30851b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30861b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
30871b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
30881b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30891b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
30901b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
30911b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
30921b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30931b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30941b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30951b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30961b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
30971b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
30981b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
30991b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31001b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31011b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
31021b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
31031b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
31041b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
31051b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83d950000 LB 0x00027000 C:\Windows\System32\DEVOBJ.dll [fFlags=0x0]
31061b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
31071b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83d460000 LB 0x00186000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
31081b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
31091b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83b130000 LB 0x00070000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
31101b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
31111b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83b130000 'C:\Windows\System32\MMDevApi.dll'
31121b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
31131b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31141b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83b130000 'C:\Windows\system32\MMDEVAPI.DLL'
31151b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
31161b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
31171b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
31181b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011b4 pwszName=\Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31191b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
31201b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
31211b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0E241BE9D4F52A26C9ED7BD86312051FE44DA417
31221b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
31231b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
31241b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Multimedia-MMECoreWdmAudio-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wdmaud.drv'
31251b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31261b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31271b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'.
31281b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
31291b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'.
31301b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'.
31311b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'.
31321b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv) WinVerifyTrust
31331b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31341b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
31351b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
31361b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
31371b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
31381b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
31391b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
31401b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
31411b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll) WinVerifyTrust
31421b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
31431b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
31441b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
31451b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
31461b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31471b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
31481b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
31491b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
31501b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
31511b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
31521b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31531b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll) WinVerifyTrust
31541b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
31551b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31561b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31571b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31581b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31591b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
31601b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31611b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
31621b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
31631b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff834e80000 LB 0x00008000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0]
31641b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
31651b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff838b60000 LB 0x0000b000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0]
31661b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
31671b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff82a1f0000 LB 0x00042000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
31681b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31691b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
31701b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31711b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
31721b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
31731b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31741b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
31751b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
31761b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31771b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
31781b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
31791b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
31801b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
31811b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
31821b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
31831b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
31841b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31851b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
31861b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
31871b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'.
31881b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) WinVerifyTrust
31891b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
31901b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
31911b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
31921b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
31931b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
31941b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
31951b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
31961b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
31971b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31981b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31991b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32001b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
32011b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32021b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'.
32031b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
32041b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
32051b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
32061b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff83b4d0000 LB 0x00136000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
32071b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
32081b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff824950000 LB 0x00088000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
32091b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
32101b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff824950000 'C:\Windows\system32\AUDIOSES.DLL'
32111b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32121b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32131b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
32141b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
32151b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
32161b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32171b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32181b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
32191b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
32201b64.dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
32211b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
32221b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32231b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32241b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
32251b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32261b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32271b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32281b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32291b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32301b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82a1f0000 'C:\Windows\system32\wdmaud.drv'
32311b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010d0 pwszName=\Device\HarddiskVolume3\Windows\System32\msacm32.drv
32321b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
32331b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
32341b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7E2C15A147F336A77E08F63DA2B7DC249BAC5291
32351b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
32361b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
32371b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SKU-Foundation-Package-avcore-noindeo-Group-avcore-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\msacm32.drv'
32381b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32391b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32401b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
32411b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'.
32421b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
32431b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
32441b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv) WinVerifyTrust
32451b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32461b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
32471b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
32481b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32491b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
32501b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
32511b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
32521b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
32531b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
32541b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32551b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll) WinVerifyTrust
32561b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
32571b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
32581b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
32591b64.dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
32601b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32611b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32621b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32631b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32641b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32651b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32661b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
32671b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff831f80000 LB 0x0001c000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0]
32681b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
32691b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff831fa0000 LB 0x0000c000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
32701b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32711b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32721b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32731b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32741b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32751b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32761b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32771b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32781b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32791b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32801b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32811b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32821b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32831b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32841b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32851b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32861b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32871b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
32881b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
32891b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32901b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32911b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32921b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fa0000 'C:\Windows\system32\msacm32.drv'
32931b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001248 pwszName=\Device\HarddiskVolume3\Windows\System32\midimap.dll
32941b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000099c060
32951b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000099c060
32961b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=92C5FAE1499C6920F25025123B65102443C15281
32971b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
32981b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83f800000 'C:\Windows\system32\crypt32.dll'
32991b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SKU-Foundation-Package-avcore-noindeo-Group-avcore-Package~31bf3856ad364e35~amd64~~10.0.10586.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\midimap.dll'
33001b64.dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33011b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33021b64.dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
33031b64.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\midimap.dll) WinVerifyTrust
33041b64.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
33051b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
33061b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
33071b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33081b64.dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33091b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
33101b64.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
33111b64.dc0: supR3HardenedDllNotificationCallback: load 00007ff8319b0000 LB 0x0000a000 C:\Windows\system32\midimap.dll [fFlags=0x0]
33121b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
33131b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8319b0000 'C:\Windows\system32\midimap.dll'
33141b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
33151b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
33161b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8319b0000 'C:\Windows\system32\midimap.dll'
33171b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
33181b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
33191b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8319b0000 'C:\Windows\system32\midimap.dll'
33201b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
33211b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
33221b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8319b0000 'C:\Windows\system32\midimap.dll'
33231b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33241b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33251b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33261b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33271b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33281b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
33291b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33301b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33311b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
33321b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
33331b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff830390000 'C:\Windows\System32\dsound.dll'
33341b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33351b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33361b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33371b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33381b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83d6e0000 'C:\Windows\system32\winmm.dll'
33391b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff81fd40000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
33401b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83e5a0000 'C:\Windows\system32\rsaenh.dll'
33411b64.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
33421b64.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33431b64.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff842320000 'C:\Windows\system32/kernel32.dll'
33441b64.1b68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff83fd10000 'C:\Windows\system32\user32.dll'
33451b64.18ec: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports
33461b64.18ec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll)
33471b64.18ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll
33481b64.18ec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [avoiding WinVerifyTrust]

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy