VirtualBox

Ticket #16516: VBoxHardening.log

File VBoxHardening.log, 369.0 KB (added by Benne, 8 years ago)

VBoxHardening.log

Line 
11770.2404: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
21770.2404: \SystemRoot\System32\ntdll.dll:
31770.2404: CreationTime: 2016-12-16T14:19:44.947794000Z
41770.2404: LastWriteTime: 2016-10-11T15:34:46.170628400Z
51770.2404: ChangeTime: 2016-12-16T14:55:45.960428700Z
61770.2404: FileAttributes: 0x20
71770.2404: Size: 0x1a7100
81770.2404: NT Headers: 0xe0
91770.2404: Timestamp: 0x57fd0651
101770.2404: Machine: 0x8664 - amd64
111770.2404: Timestamp: 0x57fd0651
121770.2404: Image Version: 6.1
131770.2404: SizeOfImage: 0x1aa000 (1744896)
141770.2404: Resource Dir: 0x14e000 LB 0x5a028
151770.2404: ProductName: Microsoft® Windows® Operating System
161770.2404: ProductVersion: 6.1.7601.23572
171770.2404: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
181770.2404: FileDescription: NT Layer DLL
191770.2404: \SystemRoot\System32\kernel32.dll:
201770.2404: CreationTime: 2016-12-16T14:19:44.854192200Z
211770.2404: LastWriteTime: 2016-10-11T15:31:56.010000000Z
221770.2404: ChangeTime: 2016-12-16T14:55:46.069614700Z
231770.2404: FileAttributes: 0x20
241770.2404: Size: 0x11c000
251770.2404: NT Headers: 0xe0
261770.2404: Timestamp: 0x57fd0695
271770.2404: Machine: 0x8664 - amd64
281770.2404: Timestamp: 0x57fd0695
291770.2404: Image Version: 6.1
301770.2404: SizeOfImage: 0x11f000 (1175552)
311770.2404: Resource Dir: 0x116000 LB 0x528
321770.2404: ProductName: Microsoft® Windows® Operating System
331770.2404: ProductVersion: 6.1.7601.23572
341770.2404: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
351770.2404: FileDescription: Windows NT BASE API Client DLL
361770.2404: \SystemRoot\System32\KernelBase.dll:
371770.2404: CreationTime: 2016-12-16T14:19:44.822991600Z
381770.2404: LastWriteTime: 2016-10-11T15:31:56.010000000Z
391770.2404: ChangeTime: 2016-12-16T14:55:46.069614700Z
401770.2404: FileAttributes: 0x20
411770.2404: Size: 0x66800
421770.2404: NT Headers: 0xe8
431770.2404: Timestamp: 0x57fd0696
441770.2404: Machine: 0x8664 - amd64
451770.2404: Timestamp: 0x57fd0696
461770.2404: Image Version: 6.1
471770.2404: SizeOfImage: 0x6a000 (434176)
481770.2404: Resource Dir: 0x68000 LB 0x530
491770.2404: ProductName: Microsoft® Windows® Operating System
501770.2404: ProductVersion: 6.1.7601.23572
511770.2404: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
521770.2404: FileDescription: Windows NT BASE API Client DLL
531770.2404: \SystemRoot\System32\apisetschema.dll:
541770.2404: CreationTime: 2016-12-16T14:19:44.620187700Z
551770.2404: LastWriteTime: 2016-10-11T15:31:50.862000000Z
561770.2404: ChangeTime: 2016-12-16T14:55:45.960428700Z
571770.2404: FileAttributes: 0x20
581770.2404: Size: 0x1a00
591770.2404: NT Headers: 0xc0
601770.2404: Timestamp: 0x57fd062f
611770.2404: Machine: 0x8664 - amd64
621770.2404: Timestamp: 0x57fd062f
631770.2404: Image Version: 6.1
641770.2404: SizeOfImage: 0x50000 (327680)
651770.2404: Resource Dir: 0x30000 LB 0x3f8
661770.2404: ProductName: Microsoft® Windows® Operating System
671770.2404: ProductVersion: 6.1.7601.23572
681770.2404: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
691770.2404: FileDescription: ApiSet Schema DLL
701770.2404: Found driver SymNetS (0x2)
711770.2404: Found driver SymDS (0x2)
721770.2404: Found driver SRTSPX (0x2)
731770.2404: Found driver SymEvent (0x2)
741770.2404: Found driver SymIRON (0x2)
751770.2404: supR3HardenedWinFindAdversaries: 0x2
761770.2404: \SystemRoot\System32\drivers\symevent64x86.sys:
771770.2404: CreationTime: 2012-06-14T09:07:22.176580600Z
781770.2404: LastWriteTime: 2013-07-26T12:45:50.044433200Z
791770.2404: ChangeTime: 2013-07-26T12:45:50.044433200Z
801770.2404: FileAttributes: 0x2020
811770.2404: Size: 0x2b4a0
821770.2404: NT Headers: 0xe8
831770.2404: Timestamp: 0x50346f1e
841770.2404: Machine: 0x8664 - amd64
851770.2404: Timestamp: 0x50346f1e
861770.2404: Image Version: 6.0
871770.2404: SizeOfImage: 0x38000 (229376)
881770.2404: Resource Dir: 0x36000 LB 0x3c8
891770.2404: ProductName: SYMEVENT
901770.2404: ProductVersion: 12.9.3.1
911770.2404: FileVersion: 12.9.3.1
921770.2404: FileDescription: Symantec Event Library
931770.2404: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
941770.2404: Calling main()
951770.2404: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
961770.2404: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
971770.2404: SUPR3HardenedMain: Respawn #1
981770.2404: System32: \Device\HarddiskVolume1\Windows\System32
991770.2404: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1001770.2404: KnownDllPath: C:\Windows\system32
1011770.2404: '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe' has no imports
1021770.2404: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe)
1031770.2404: supR3HardNtEnableThreadCreation:
1041770.2404: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000774ba360 pvNtTerminateThread=00000000774dc260
1051770.2404: supR3HardenedWinDoReSpawn(1): New child 2564.1904 [kernel32].
1061770.2404: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
1071770.2404: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077490000 uNtDllChildAddr=0000000077490000
1081770.2404: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000774ba360
1091770.2404: supR3HardenedWinSetupChildInit: Start child.
1101770.2404: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1111770.2404: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
1121770.2404: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1131770.2404: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1141770.2404: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1151770.2404: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1161770.2404: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1171770.2404: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1181770.2404: 0000000000041000-ffffffffffe81fff 0x0001/0x0000 0x0000000
1191770.2404: *0000000000200000-0000000000103fff 0x0000/0x0004 0x0020000
1201770.2404: 00000000002fc000-00000000002f9fff 0x0104/0x0004 0x0020000
1211770.2404: 00000000002fe000-00000000002fbfff 0x0004/0x0004 0x0020000
1221770.2404: 0000000000300000-ffffffff8916ffff 0x0001/0x0000 0x0000000
1231770.2404: *0000000077490000-0000000077490fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1241770.2404: 0000000077491000-000000007758dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1251770.2404: 000000007758e000-00000000775bcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1261770.2404: 00000000775bd000-00000000775c6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1271770.2404: 00000000775c7000-00000000775c7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1281770.2404: 00000000775c8000-00000000775cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1291770.2404: 00000000775cb000-0000000077639fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1301770.2404: 000000007763a000-000000006fc93fff 0x0001/0x0000 0x0000000
1311770.2404: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1321770.2404: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1331770.2404: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1341770.2404: 000000007fff0000-ffffffffc05fffff 0x0001/0x0000 0x0000000
1351770.2404: *000000013f9e0000-000000013f9e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1361770.2404: 000000013f9e1000-000000013fa4ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1371770.2404: 000000013fa50000-000000013fa50fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1381770.2404: 000000013fa51000-000000013fa95fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1391770.2404: 000000013fa96000-000000013fa96fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1401770.2404: 000000013fa97000-000000013fa97fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1411770.2404: 000000013fa98000-000000013fa9cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1421770.2404: 000000013fa9d000-000000013fa9dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1431770.2404: 000000013fa9e000-000000013fa9efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1441770.2404: 000000013fa9f000-000000013faa2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1451770.2404: 000000013faa3000-000000013faeafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
1461770.2404: 000000013faeb000-fffff8037fe25fff 0x0001/0x0000 0x0000000
1471770.2404: *000007feff7b0000-000007feff7b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
1481770.2404: 000007feff7b1000-000007fdfefb1fff 0x0001/0x0000 0x0000000
1491770.2404: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1501770.2404: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
1511770.2404: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
1521770.2404: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
1531770.2404: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1541770.2404: apisetschema.dll: timestamp 0x57fd062f (rc=VINF_SUCCESS)
1551770.2404: VirtualBox.exe: timestamp 0x587cf70b (rc=VINF_SUCCESS)
1561770.2404: '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe' has no imports
1571770.2404: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
1581770.2404: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
1591770.2404: supR3HardNtChildPurify: Done after 559 ms and 0 fixes (loop #0).
1601770.2404: supR3HardNtEnableThreadCreation:
1612564.1904: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
1622564.1904: supR3HardenedVmProcessInit: uNtDllAddr=0000000077490000 g_uNtVerCombined=0x611db100
1632564.1904: ntdll.dll: timestamp 0x57fd0651 (rc=VINF_SUCCESS)
1642564.1904: New simple heap: #1 0000000000300000 LB 0x400000 (for 1744896 allocation)
1652564.1904: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
1662564.1904: System32: \Device\HarddiskVolume1\Windows\System32
1672564.1904: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1682564.1904: KnownDllPath: C:\Windows\system32
1692564.1904: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1702564.1904: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1712564.1904: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1722564.1904: Registered Dll notification callback with NTDLL.
1732564.1904: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
1742564.1904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
1752564.1904: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1762564.1904: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1772564.1904: supR3HardenedDllNotificationCallback: load 0000000077370000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1782564.1904: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1792564.1904: supR3HardenedDllNotificationCallback: load 000007fefd290000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1802564.1904: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
1812564.1904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
1822564.1904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077370000 'C:\Windows\system32\kernel32.dll'
1832564.1904: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000774ba360 pvNtTerminateThread=00000000774dc260
1841770.2404: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 24 ms.
1852564.1904: \SystemRoot\System32\ntdll.dll:
1862564.1904: CreationTime: 2016-12-16T14:19:44.947794000Z
1872564.1904: LastWriteTime: 2016-10-11T15:34:46.170628400Z
1882564.1904: ChangeTime: 2016-12-16T14:55:45.960428700Z
1892564.1904: FileAttributes: 0x20
1902564.1904: Size: 0x1a7100
1912564.1904: NT Headers: 0xe0
1922564.1904: Timestamp: 0x57fd0651
1932564.1904: Machine: 0x8664 - amd64
1942564.1904: Timestamp: 0x57fd0651
1952564.1904: Image Version: 6.1
1962564.1904: SizeOfImage: 0x1aa000 (1744896)
1972564.1904: Resource Dir: 0x14e000 LB 0x5a028
1982564.1904: ProductName: Microsoft® Windows® Operating System
1992564.1904: ProductVersion: 6.1.7601.23572
2002564.1904: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
2012564.1904: FileDescription: NT Layer DLL
2022564.1904: \SystemRoot\System32\kernel32.dll:
2032564.1904: CreationTime: 2016-12-16T14:19:44.854192200Z
2042564.1904: LastWriteTime: 2016-10-11T15:31:56.010000000Z
2052564.1904: ChangeTime: 2016-12-16T14:55:46.069614700Z
2062564.1904: FileAttributes: 0x20
2072564.1904: Size: 0x11c000
2082564.1904: NT Headers: 0xe0
2092564.1904: Timestamp: 0x57fd0695
2102564.1904: Machine: 0x8664 - amd64
2112564.1904: Timestamp: 0x57fd0695
2122564.1904: Image Version: 6.1
2132564.1904: SizeOfImage: 0x11f000 (1175552)
2142564.1904: Resource Dir: 0x116000 LB 0x528
2152564.1904: ProductName: Microsoft® Windows® Operating System
2162564.1904: ProductVersion: 6.1.7601.23572
2172564.1904: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
2182564.1904: FileDescription: Windows NT BASE API Client DLL
2192564.1904: \SystemRoot\System32\KernelBase.dll:
2202564.1904: CreationTime: 2016-12-16T14:19:44.822991600Z
2212564.1904: LastWriteTime: 2016-10-11T15:31:56.010000000Z
2222564.1904: ChangeTime: 2016-12-16T14:55:46.069614700Z
2232564.1904: FileAttributes: 0x20
2242564.1904: Size: 0x66800
2252564.1904: NT Headers: 0xe8
2262564.1904: Timestamp: 0x57fd0696
2272564.1904: Machine: 0x8664 - amd64
2282564.1904: Timestamp: 0x57fd0696
2292564.1904: Image Version: 6.1
2302564.1904: SizeOfImage: 0x6a000 (434176)
2312564.1904: Resource Dir: 0x68000 LB 0x530
2322564.1904: ProductName: Microsoft® Windows® Operating System
2332564.1904: ProductVersion: 6.1.7601.23572
2342564.1904: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
2352564.1904: FileDescription: Windows NT BASE API Client DLL
2362564.1904: \SystemRoot\System32\apisetschema.dll:
2372564.1904: CreationTime: 2016-12-16T14:19:44.620187700Z
2382564.1904: LastWriteTime: 2016-10-11T15:31:50.862000000Z
2392564.1904: ChangeTime: 2016-12-16T14:55:45.960428700Z
2402564.1904: FileAttributes: 0x20
2412564.1904: Size: 0x1a00
2422564.1904: NT Headers: 0xc0
2432564.1904: Timestamp: 0x57fd062f
2442564.1904: Machine: 0x8664 - amd64
2452564.1904: Timestamp: 0x57fd062f
2462564.1904: Image Version: 6.1
2472564.1904: SizeOfImage: 0x50000 (327680)
2482564.1904: Resource Dir: 0x30000 LB 0x3f8
2492564.1904: ProductName: Microsoft® Windows® Operating System
2502564.1904: ProductVersion: 6.1.7601.23572
2512564.1904: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
2522564.1904: FileDescription: ApiSet Schema DLL
2532564.1904: Found driver SymNetS (0x2)
2542564.1904: Found driver SymDS (0x2)
2552564.1904: Found driver SRTSPX (0x2)
2562564.1904: Found driver SymEvent (0x2)
2572564.1904: Found driver SymIRON (0x2)
2582564.1904: supR3HardenedWinFindAdversaries: 0x2
2592564.1904: \SystemRoot\System32\drivers\symevent64x86.sys:
2602564.1904: CreationTime: 2012-06-14T09:07:22.176580600Z
2612564.1904: LastWriteTime: 2013-07-26T12:45:50.044433200Z
2622564.1904: ChangeTime: 2013-07-26T12:45:50.044433200Z
2632564.1904: FileAttributes: 0x2020
2642564.1904: Size: 0x2b4a0
2652564.1904: NT Headers: 0xe8
2662564.1904: Timestamp: 0x50346f1e
2672564.1904: Machine: 0x8664 - amd64
2682564.1904: Timestamp: 0x50346f1e
2692564.1904: Image Version: 6.0
2702564.1904: SizeOfImage: 0x38000 (229376)
2712564.1904: Resource Dir: 0x36000 LB 0x3c8
2722564.1904: ProductName: SYMEVENT
2732564.1904: ProductVersion: 12.9.3.1
2742564.1904: FileVersion: 12.9.3.1
2752564.1904: FileDescription: Symantec Event Library
2762564.1904: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
2772564.1904: Calling main()
2782564.1904: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2792564.1904: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
2802564.1904: '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe' has no imports
2812564.1904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe)
2822564.1904: SUPR3HardenedMain: Respawn #2
2832564.1904: supR3HardNtEnableThreadCreation:
2842564.1904: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
2852564.1904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2862564.1904: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2872564.1904: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2882564.1904: supR3HardenedDllNotificationCallback: load 000007fefd000000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2892564.1904: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2902564.1904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd000000 'C:\Windows\system32\apphelp.dll'
2912564.1904: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000774ba360 pvNtTerminateThread=00000000774dc260
2922564.1904: supR3HardenedWinDoReSpawn(2): New child 12e0.1d88 [kernel32].
2932564.1904: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd4000 cbPeb=0x380
2942564.1904: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077490000 uNtDllChildAddr=0000000077490000
2952564.1904: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000774ba360
2962564.1904: supR3HardenedWinSetupChildInit: Start child.
2972564.1904: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2982564.1904: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
2992564.1904: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3002564.1904: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3012564.1904: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
3022564.1904: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3032564.1904: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3042564.1904: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3052564.1904: 0000000000041000-fffffffffff11fff 0x0001/0x0000 0x0000000
3062564.1904: *0000000000170000-0000000000073fff 0x0000/0x0004 0x0020000
3072564.1904: 000000000026c000-0000000000269fff 0x0104/0x0004 0x0020000
3082564.1904: 000000000026e000-000000000026bfff 0x0004/0x0004 0x0020000
3092564.1904: 0000000000270000-ffffffff8904ffff 0x0001/0x0000 0x0000000
3102564.1904: *0000000077490000-0000000077490fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3112564.1904: 0000000077491000-000000007758dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3122564.1904: 000000007758e000-00000000775bcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3132564.1904: 00000000775bd000-00000000775c6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3142564.1904: 00000000775c7000-00000000775c7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3152564.1904: 00000000775c8000-00000000775cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3162564.1904: 00000000775cb000-0000000077639fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3172564.1904: 000000007763a000-000000006fc93fff 0x0001/0x0000 0x0000000
3182564.1904: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
3192564.1904: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3202564.1904: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3212564.1904: 000000007fff0000-ffffffffc05fffff 0x0001/0x0000 0x0000000
3222564.1904: *000000013f9e0000-000000013f9e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3232564.1904: 000000013f9e1000-000000013fa4ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3242564.1904: 000000013fa50000-000000013fa50fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3252564.1904: 000000013fa51000-000000013fa95fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3262564.1904: 000000013fa96000-000000013fa96fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3272564.1904: 000000013fa97000-000000013fa97fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3282564.1904: 000000013fa98000-000000013fa9cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3292564.1904: 000000013fa9d000-000000013fa9dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3302564.1904: 000000013fa9e000-000000013fa9efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3312564.1904: 000000013fa9f000-000000013faa2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3322564.1904: 000000013faa3000-000000013faeafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe
3332564.1904: 000000013faeb000-fffff8037fe25fff 0x0001/0x0000 0x0000000
3342564.1904: *000007feff7b0000-000007feff7b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
3352564.1904: 000007feff7b1000-000007fdfefb1fff 0x0001/0x0000 0x0000000
3362564.1904: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
3372564.1904: 000007fffffd3000-000007fffffd1fff 0x0001/0x0000 0x0000000
3382564.1904: *000007fffffd4000-000007fffffd2fff 0x0004/0x0004 0x0020000
3392564.1904: 000007fffffd5000-000007fffffcbfff 0x0001/0x0000 0x0000000
3402564.1904: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
3412564.1904: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
3422564.1904: apisetschema.dll: timestamp 0x57fd062f (rc=VINF_SUCCESS)
3432564.1904: VirtualBox.exe: timestamp 0x587cf70b (rc=VINF_SUCCESS)
3442564.1904: '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe' has no imports
3452564.1904: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
3462564.1904: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
3472564.1904: supR3HardNtChildPurify: Done after 559 ms and 0 fixes (loop #0).
3482564.1904: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000300000 LB 0x400000)
34912e0.1d88: Log file opened: 5.1.14r112924 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
35012e0.1d88: supR3HardenedVmProcessInit: uNtDllAddr=0000000077490000 g_uNtVerCombined=0x611db100
3512564.1904: supR3HardNtEnableThreadCreation:
35212e0.1d88: ntdll.dll: timestamp 0x57fd0651 (rc=VINF_SUCCESS)
35312e0.1d88: New simple heap: #1 0000000000270000 LB 0x400000 (for 1744896 allocation)
35412e0.1d88: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
35512e0.1d88: System32: \Device\HarddiskVolume1\Windows\System32
35612e0.1d88: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
35712e0.1d88: KnownDllPath: C:\Windows\system32
35812e0.1d88: supR3HardenedVmProcessInit: Opening vboxdrv...
35912e0.1d88: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
36012e0.1d88: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
36112e0.1d88: Registered Dll notification callback with NTDLL.
36212e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
36312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
36412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
36512e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
36612e0.1d88: supR3HardenedDllNotificationCallback: load 0000000077370000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
36712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
36812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd290000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
36912e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
37012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
37112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077370000 'C:\Windows\system32\kernel32.dll'
37212e0.1d88: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000774ba360 pvNtTerminateThread=00000000774dc260
3732564.1904: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 30 ms.
37412e0.1d88: \SystemRoot\System32\ntdll.dll:
37512e0.1d88: CreationTime: 2016-12-16T14:19:44.947794000Z
37612e0.1d88: LastWriteTime: 2016-10-11T15:34:46.170628400Z
37712e0.1d88: ChangeTime: 2016-12-16T14:55:45.960428700Z
37812e0.1d88: FileAttributes: 0x20
37912e0.1d88: Size: 0x1a7100
38012e0.1d88: NT Headers: 0xe0
38112e0.1d88: Timestamp: 0x57fd0651
38212e0.1d88: Machine: 0x8664 - amd64
38312e0.1d88: Timestamp: 0x57fd0651
38412e0.1d88: Image Version: 6.1
38512e0.1d88: SizeOfImage: 0x1aa000 (1744896)
38612e0.1d88: Resource Dir: 0x14e000 LB 0x5a028
38712e0.1d88: ProductName: Microsoft® Windows® Operating System
38812e0.1d88: ProductVersion: 6.1.7601.23572
38912e0.1d88: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
39012e0.1d88: FileDescription: NT Layer DLL
39112e0.1d88: \SystemRoot\System32\kernel32.dll:
39212e0.1d88: CreationTime: 2016-12-16T14:19:44.854192200Z
39312e0.1d88: LastWriteTime: 2016-10-11T15:31:56.010000000Z
39412e0.1d88: ChangeTime: 2016-12-16T14:55:46.069614700Z
39512e0.1d88: FileAttributes: 0x20
39612e0.1d88: Size: 0x11c000
39712e0.1d88: NT Headers: 0xe0
39812e0.1d88: Timestamp: 0x57fd0695
39912e0.1d88: Machine: 0x8664 - amd64
40012e0.1d88: Timestamp: 0x57fd0695
40112e0.1d88: Image Version: 6.1
40212e0.1d88: SizeOfImage: 0x11f000 (1175552)
40312e0.1d88: Resource Dir: 0x116000 LB 0x528
40412e0.1d88: ProductName: Microsoft® Windows® Operating System
40512e0.1d88: ProductVersion: 6.1.7601.23572
40612e0.1d88: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
40712e0.1d88: FileDescription: Windows NT BASE API Client DLL
40812e0.1d88: \SystemRoot\System32\KernelBase.dll:
40912e0.1d88: CreationTime: 2016-12-16T14:19:44.822991600Z
41012e0.1d88: LastWriteTime: 2016-10-11T15:31:56.010000000Z
41112e0.1d88: ChangeTime: 2016-12-16T14:55:46.069614700Z
41212e0.1d88: FileAttributes: 0x20
41312e0.1d88: Size: 0x66800
41412e0.1d88: NT Headers: 0xe8
41512e0.1d88: Timestamp: 0x57fd0696
41612e0.1d88: Machine: 0x8664 - amd64
41712e0.1d88: Timestamp: 0x57fd0696
41812e0.1d88: Image Version: 6.1
41912e0.1d88: SizeOfImage: 0x6a000 (434176)
42012e0.1d88: Resource Dir: 0x68000 LB 0x530
42112e0.1d88: ProductName: Microsoft® Windows® Operating System
42212e0.1d88: ProductVersion: 6.1.7601.23572
42312e0.1d88: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
42412e0.1d88: FileDescription: Windows NT BASE API Client DLL
42512e0.1d88: \SystemRoot\System32\apisetschema.dll:
42612e0.1d88: CreationTime: 2016-12-16T14:19:44.620187700Z
42712e0.1d88: LastWriteTime: 2016-10-11T15:31:50.862000000Z
42812e0.1d88: ChangeTime: 2016-12-16T14:55:45.960428700Z
42912e0.1d88: FileAttributes: 0x20
43012e0.1d88: Size: 0x1a00
43112e0.1d88: NT Headers: 0xc0
43212e0.1d88: Timestamp: 0x57fd062f
43312e0.1d88: Machine: 0x8664 - amd64
43412e0.1d88: Timestamp: 0x57fd062f
43512e0.1d88: Image Version: 6.1
43612e0.1d88: SizeOfImage: 0x50000 (327680)
43712e0.1d88: Resource Dir: 0x30000 LB 0x3f8
43812e0.1d88: ProductName: Microsoft® Windows® Operating System
43912e0.1d88: ProductVersion: 6.1.7601.23572
44012e0.1d88: FileVersion: 6.1.7601.23572 (win7sp1_ldr.161011-0600)
44112e0.1d88: FileDescription: ApiSet Schema DLL
44212e0.1d88: Found driver SymNetS (0x2)
44312e0.1d88: Found driver SymDS (0x2)
44412e0.1d88: Found driver SRTSPX (0x2)
44512e0.1d88: Found driver SymEvent (0x2)
44612e0.1d88: Found driver SymIRON (0x2)
44712e0.1d88: supR3HardenedWinFindAdversaries: 0x2
44812e0.1d88: \SystemRoot\System32\drivers\symevent64x86.sys:
44912e0.1d88: CreationTime: 2012-06-14T09:07:22.176580600Z
45012e0.1d88: LastWriteTime: 2013-07-26T12:45:50.044433200Z
45112e0.1d88: ChangeTime: 2013-07-26T12:45:50.044433200Z
45212e0.1d88: FileAttributes: 0x2020
45312e0.1d88: Size: 0x2b4a0
45412e0.1d88: NT Headers: 0xe8
45512e0.1d88: Timestamp: 0x50346f1e
45612e0.1d88: Machine: 0x8664 - amd64
45712e0.1d88: Timestamp: 0x50346f1e
45812e0.1d88: Image Version: 6.0
45912e0.1d88: SizeOfImage: 0x38000 (229376)
46012e0.1d88: Resource Dir: 0x36000 LB 0x3c8
46112e0.1d88: ProductName: SYMEVENT
46212e0.1d88: ProductVersion: 12.9.3.1
46312e0.1d88: FileVersion: 12.9.3.1
46412e0.1d88: FileDescription: Symantec Event Library
46512e0.1d88: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
46612e0.1d88: Calling main()
46712e0.1d88: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
46812e0.1d88: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox'
46912e0.1d88: '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe' has no imports
47012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.exe)
47112e0.1d88: SUPR3HardenedMain: Final process, opening VBoxDrv...
47212e0.1d88: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000270000 LB 0x400000)
47312e0.1d88: supR3HardNtEnableThreadCreation:
47412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll)
47512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll
47612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026b6d1:<flags> [calling]
47712e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
47812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef6540000 LB 0x00005000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
47912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
48012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
48112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000268e51:<flags> [calling]
48212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6540000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL'
48312e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
48412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000268e51:<flags> [calling]
48512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6540000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL'
48612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6540000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.DLL'
48712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
48812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
48912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
49012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
49112e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
49212e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
49312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
49412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
49512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
49612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
49712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
49812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
49912e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
50012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
50112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
50212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
50312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
50412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
50512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
50612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
50712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
50812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
50912e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
51012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
51112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
51212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
51312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
51412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
51512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
51612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
51712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026d4e1:<flags> [calling]
51812e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
51912e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd320000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
52012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
52112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe0d0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
52212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
52312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
52412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
52512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd1d0000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
52612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
52712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd590000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
52812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
52912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\Wintrust.dll'
53012e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
53112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
53212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026d4e1:<flags> [calling]
53312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
53412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefcb50000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
53512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
53612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb50000 'C:\Windows\system32\bcrypt.dll'
53712e0.1d88: bcrypt.dll loaded at 000007fefcb50000, BCryptOpenAlgorithmProvider at 000007fefcb52460, preloading providers:
53812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
53912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
54012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
54112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
54212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
54312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
54412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
54512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
54612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
54712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
54812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
54912e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
55012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
55112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
55212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
55312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
55412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
55512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
55612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
55712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026d4c1:<flags> [calling]
55812e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
55912e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefc640000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
56012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
56112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe6f0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
56212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
56312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
56412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
56512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
56612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
56712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd9d0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
56812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
56912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc640000 'C:\Windows\system32\bcryptprimitives.dll'
57012e0.1d88: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000006dc8c0)
57112e0.1d88: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000006dd800)
57212e0.1d88: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000006dd930)
57312e0.1d88: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000006ddb50)
57412e0.1d88: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000006ddc80)
57512e0.1d88: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000006dddb0)
57612e0.1d88: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000006de000)
57712e0.1d88: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000006de130)
57812e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
57912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
58012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
58112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
58212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
58312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
58412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
58512e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
58612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026d031:<flags> [calling]
58712e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
58812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefca00000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
58912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
59012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca00000 'C:\Windows\system32\CRYPTSP.dll'
59112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
59212e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
59312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
59412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
59512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
59612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
59712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cfc1:<flags> [calling]
59812e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
59912e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefc700000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
60012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
60112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc700000 'C:\Windows\system32\rsaenh.dll'
60212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
60312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c851:<flags> [calling]
60412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
60512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
60612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
60712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cbd1:<flags> [calling]
60812e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
60912e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd060000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
61012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
61112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd060000 'C:\Windows\system32\CRYPTBASE.dll'
61212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
61312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c601:<flags> [calling]
61412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077370000 'C:\Windows\system32\kernel32.dll'
61512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
61612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cf91:<flags> [calling]
61712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\WINTRUST.DLL'
61812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
61912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026cdc1:<flags> [calling]
62012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\Windows\system32\CRYPT32.dll'
62112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
62212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
62312e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
62412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
62512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
62612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
62712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
62812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
62912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
63012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
63112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ce11:<flags> [calling]
63212e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
63312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe660000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
63412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
63512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe660000 'C:\Windows\system32\imagehlp.dll'
63612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
63712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cf61:<flags> [calling]
63812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca00000 'C:\Windows\system32\CRYPTSP.dll'
63912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
64012e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
64112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
64212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
64312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
64412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
64512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
64612e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
64712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
64812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
64912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
65012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
65112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
65212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
65312e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
65412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
65512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
65612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
65712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
65812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
65912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
66012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
66112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
66212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
66312e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
66412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
66512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
66612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
66712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
66812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
66912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
67012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
67112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
67212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
67312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
67412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
67512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
67612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
67712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
67812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
67912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
68012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ca91:<flags> [calling]
68112e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
68212e0.1d88: supR3HardenedDllNotificationCallback: load 0000000077270000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
68312e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
68412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe680000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
68512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
68612e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe820000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
68712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
68812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe170000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
68912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
69012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
69112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026bf91:<flags> [calling]
69212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe680000 'C:\Windows\system32\gdi32.dll'
69312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
69412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
69512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
69612e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
69712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
69812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
69912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
70012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
70112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
70212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
70312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
70412e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
70512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
70612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
70712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
70812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
70912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
71012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
71112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
71212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
71312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
71412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
71512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
71612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
71712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
71812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
71912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
72012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
72112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
72212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
72312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
72412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026b8d1:<flags> [calling]
72512e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
72612e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe630000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
72712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
72812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefddb0000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
72912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
73012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe630000 'C:\Windows\system32\IMM32.DLL'
73112e0.1d88: \Device\HarddiskVolume1\Program Files (x86)\netinst\Nia64.dll: Owner is administrators group.
73212e0.1d88: supHardenedWinVerifyImageByHandle: -> -23021 (\Device\HarddiskVolume1\Program Files (x86)\netinst\Nia64.dll)
73312e0.1d88: Error (rc=0):
73412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume1\Program Files (x86)\netinst\Nia64.dll: None of the 1 path(s) have a trust anchor.: \Device\HarddiskVolume1\Program Files (x86)\netinst\Nia64.dll
73512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\netinst\Nia64.dll
73612e0.1d88: Error (rc=0):
73712e0.1d88: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\PROGRA~2\NetInst\NiA64.dll' (C:\PROGRA~2\NetInst\NiA64.dll): rcNt=0xc0000190
73812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\PROGRA~2\NetInst\NiA64.dll'
73912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077270000 'C:\Windows\system32\USER32.dll'
74012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
74112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
74212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
74312e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
74412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
74512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
74612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
74712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
74812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
74912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
75012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
75112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
75212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
75312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
75412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cd91:<flags> [calling]
75512e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
75612e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefcb80000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
75712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
75812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb80000 'C:\Windows\system32\ncrypt.dll'
75912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
76012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026cb81:<flags> [calling]
76112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb50000 'C:\Windows\system32\bcrypt.dll'
76212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
76312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
76412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
76512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
76612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
76712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
76812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
76912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
77012e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
77112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
77212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
77312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
77412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
77512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
77812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
78012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
78112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c511:<flags> [calling]
78212e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
78312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd200000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
78412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
78512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd1c0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
78612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
78712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd200000 'C:\Windows\system32\USERENV.dll'
78812e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c271:<flags> [calling]
78912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
79012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c601:<flags> [calling]
79112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
79212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
79312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
79412e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
79512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
79612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
79712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
79812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
79912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
80012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
80112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c831:<flags> [calling]
80312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
80412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefc460000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
80512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
80612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc460000 'C:\Windows\system32\GPAPI.dll'
80712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c781:<flags> [calling]
80812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
80912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
81012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026be81:<flags> [calling]
81112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd590000 'C:\Windows\system32\rpcrt4.dll'
81212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c761:<flags> [calling]
81312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
81412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c771:<flags> [calling]
81512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
81612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
81712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
81812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
81912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
82012e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
82112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
82212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
82312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
82412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
82512e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
82612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
82712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
82812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
82912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
83012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
83112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
83212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
83312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
83412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
83512e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
83612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
83712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
83812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
83912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c271:<flags> [calling]
84012e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
84112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef8f50000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
84212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
84312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd8d0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
84412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
84512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
84612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
84712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
84812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
84912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
85012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
85112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
85212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
85312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
85412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
85512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
85612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
85712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
85812e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
85912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
86012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
86112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000026b4a1:<flags> [calling]
86212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
86312e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
86412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
86512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
86612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
86712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
86812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
86912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
87012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
87112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
87212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
87312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
87412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
87512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\system32\cryptnet.dll'
87612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026bb91:<flags> [calling]
87712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
87812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
87912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026bb91:<flags> [calling]
88012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1c0000 'C:\Windows\system32\profapi.dll'
88112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
88212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
88312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
88412e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
88512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
88612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
88712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
88812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
88912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
89012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
89112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
89212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
89312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
89412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
89512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026b621:<flags> [calling]
89612e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
89712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe240000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
89812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
89912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe240000 'C:\Windows\system32\SHLWAPI.dll'
90012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
90112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000707350
90212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
90312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=93CD446D19FB1B807F6864D77E78AA7E1318AA12
90412e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c551:<flags> [calling]
90512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
90612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c0b1:<flags> [calling]
90712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
90812e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c0b1:<flags> [calling]
90912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
91012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
91112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c551:<flags> [calling]
91212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
91312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c501:<flags> [calling]
91412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
91512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000026c1f1:<flags> [calling]
91612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
91712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\SystemRoot\System32\ntdll.dll'
91812e0.1d88: g_pfnWinVerifyTrust=000007fefd321010
91912e0.1d88: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
92012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
92112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
92212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
92312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3F7F1801DE9BB273EE41D6569071191D49046620
92412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
92512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
92612e0.1d88: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
92712e0.1d88: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
92812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
92912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
93012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
93112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=95764F8F8C0CB58DEAD93486461023910C063BC1
93212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
93312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
93412e0.1d88: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
93512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
93612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
93712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
93812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
93912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
94012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
94112e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
94212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
94312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
94412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
94512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
94612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
94712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
94812e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
94912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
95012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
95112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
95212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C76D763ED1830F4180ADA4E3AD04BE27640F9DB3
95312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
95412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
95512e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
95612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000268 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
95712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
95812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
95912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EBDAA16C3FD93DFF9C20BA3B2689DFF4C8D31061
96012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3159398~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
96112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
96212e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
96312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
96412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
96512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
96612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
96712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
96812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
96912e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
97012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
97112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
97212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
97312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
97412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
97512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
97612e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
97712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b0 pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
97812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
97912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
98012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=30E6E3E7CF63B26733FDF02B344AE6E396CAB3A2
98112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3212646~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
98212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
98312e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
98412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
98512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
98612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
98712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6D141A0C50E469CDD81DC8293CF8B3635FE0240E
98812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
98912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
99012e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
99112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
99212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
99312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
99412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
99512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
99612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
99712e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
99812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
99912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
100012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
100112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2DEEACEBFF6B8298E543291DC686270A30CAD360
100212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
100312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
100412e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
100512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
100612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
100712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
100812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6476128ECFCCBBE98E9D88478BD4355574A990C2
100912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
101012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
101112e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
101212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
101312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
101412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
101512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2FBD6D26D0DB09C7EB090381BCF517AB46098E28
101612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
101712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
101812e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
101912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
102012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
102112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
102212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03BB259EC2F9D61B0941E0635513FFA135E07009
102312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
102412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
102512e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
102612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
102712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
102812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
102912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
103012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
103112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
103212e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
103312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000134 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
103412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
103512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
103612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D1622F4B0D5F8BD9FEB640463F71ADBC45F09473
103712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3212646~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
103812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
103912e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
104012e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
104112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
104212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
104312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
104412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CECCA98E04985A576883E9A9AD8AF2140526B576
104512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
104612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
104712e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
104812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
104912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
105012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
105112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
105212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
105312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
105412e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
105512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
105612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
105712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
105812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7BD3CF9DA5D667AF7B8D21C1EB2DAED9EBC2933A
105912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_362_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
106012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106112e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
106212e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
106312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
106412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
106512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
106612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2B2E2737DF611C7DADE5A123EA3E780635E859E
106712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3212646~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
106812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106912e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
107012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
107112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
107212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
107312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
107412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
107512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107612e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
107712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
107812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
107912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
108012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
108112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
108212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
108312e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
108412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
108512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
108612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
108712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=30BB1DED08ED2450A691BB187E0C254776D02CFD
108812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3212646~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
108912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109012e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
109112e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSupLib.dll'
109212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
109312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
109412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
109512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=17893CF1BB699F913DE0F41A1B314B45ACE0EDCB
109612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
109712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109812e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
109912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
110012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
110112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
110212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=ADD655A7C48288D52AC4BEDDB5C95480B2F4F7D4
110312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
110412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
110512e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
110612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
110712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026bff1:<flags> [calling]
110812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\Windows\system32\crypt32.dll'
110912e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
111012e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
111112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
111212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
111312e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
111412e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
111512e0.1d88: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize city, O=Disc Soft Ltd, CN=Disc Soft Ltd, Email=finpr@disc-soft.com
111612e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
111712e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
111812e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
111912e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
112012e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
112112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
112212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
112312e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
112412e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
112512e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
112612e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
112712e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
112812e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
112912e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
113012e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
113112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
113212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
113312e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
113412e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
113512e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
113612e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
113712e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
113812e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
113912e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
114012e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
114112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
114212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
114312e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
114412e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
114512e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
114612e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
114712e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
114812e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
114912e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
115012e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
115112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xffa191966e08d400 DC=local, DC=wirtgen-group, CN=cawirtgen
115212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x2725f5c189dee500 CN=Wirtgen-Group Root CA
115312e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xe7fea6801e29bfab C=DE, L=Mannheim, O=Joseph Voegele AG, CN=smtp.voegele-ag.de, Email=hostmaster@voegele-ag.de
115412e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xe14c402d6be821b5 C=DE, L=Mannheim, O=Joseph Voegele AG, CN=proxy.voegele-ag.de, Email=hostmaster@voegele-ag.de
115512e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xc330334cd3e8f200 C=US, ST=Some-State, L=US, O=Alcatel-Lucent, CN=Opentouch internal authority
115612e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x8fb5e183c9e00 CN=administrator, L=EFS, OU=EFS File Encryption Certificate
115712e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x1ce8c693a3d84e56 C=DE, L=Mannheim, O=Joseph Voegele AG, CN=smtp2.voegele-ag.de, Email=hostmaster@voegele-ag.de
115812e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xd4d6867a5619ad00 CN=JV22110NEU
115912e0.1d88: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=FR, ST=Some-State, L=Newbury, O=Unsecure, CN=jv34025.voegele-ag.de
116012e0.1d88: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: CN=Wirtgen-CA
116112e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0xaca5a4582e72c96d C=DE, O=SAP Trust Community, OU=SAP Web AS, OU=I0020094266, CN=*.sap.wirtgen-group.local
116212e0.1d88: supR3HardenedWinIsDesiredRootCA: Adding 0x214f55535a3aca00 DC=de, DC=voegele-ag, CN=jv22108
116312e0.1d88: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=51
116412e0.1d88: SUPR3HardenedMain: Load Runtime...
116512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
116612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
116712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
116812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
116912e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll) WinVerifyTrust
117012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
117112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
117212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
117312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
117412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
117512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
117612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
117712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
117812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
117912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=901DCB8172024F14E25295BF5692180F12FC8C18
118012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
118112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
118212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
118312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
118412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
118512e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
118612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
118712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
118812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
118912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
119012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll) WinVerifyTrust
119112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
119212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
119312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
119412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll) WinVerifyTrust
119512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
119612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
119712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
119812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
119912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
120012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
120112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f8 pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
120212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
120312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
120412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
120512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
120612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
120712e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
120812e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
120912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
121012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
121112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
121212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
121312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
121412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
121512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c321:<flags> [calling]
121612e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
121712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fedd060000 LB 0x0052e000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll [fFlags=0x0]
121812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
121912e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
122012e0.1d88: supR3HardenedDllNotificationCallback: load 0000000058600000 LB 0x000d2000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\MSVCR100.dll [fFlags=0x0]
122112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
122212e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
122312e0.1d88: supR3HardenedDllNotificationCallback: load 0000000058350000 LB 0x00098000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\MSVCP100.dll [fFlags=0x0]
122412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
122512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe7d0000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
122612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
122712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd580000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
122812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
122912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
123012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
123112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
123212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
123312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
123412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
123512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
123612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
123712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
123812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
123912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
124012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
124112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
124212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
124312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
124412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
124512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
124612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
124712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
124812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
124912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
125512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
125612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
125912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
126912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll
127312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000269a61:<flags> [calling]
127412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd060000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxRT.dll'
127812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
127912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026de81:<flags> [calling]
128012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\Wintrust.dll'
128112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
128212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c9d1:<flags> [calling]
128312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\Windows\system32\crypt32.dll'
128412e0.1d88: SUPR3HardenedMain: Load TrustedMain...
128512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
128612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
128712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
128812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
128912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
129012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
129112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
129212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
129312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
129412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
129512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
129612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
129712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
129812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
129912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
130012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll) WinVerifyTrust
130112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll
130212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
130312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
130412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000484 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
130512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
130612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
130712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
130812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
130912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
131012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
131112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
131212e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
131312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
131412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
131512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
131612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000464 pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
131712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
131812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
131912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6C3B3967CA9D3D145651C5098BAF1C0EA892DB24
132012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
132112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
132212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
132312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
132412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
132512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
132612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
132712e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll) WinVerifyTrust
132812e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
132912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
133012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
133112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000478 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
133212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
133312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
133412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=796B1965C19A0614793EA3630408324B2CFA32D2
133512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_87_for_KB3146706~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
133612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
133712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
133812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
133912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
134012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
134112e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ole32.dll) WinVerifyTrust
134212e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
134312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
134412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
134512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
134612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
134712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
134812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB4A0D952E568C1E85DCE662F9A066FFB2E6CE84
134912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
135012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
135112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
135212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
135312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
135412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
135512e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
135612e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
135712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
135812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
135912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
136012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
136112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
136212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
136312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
136412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
136512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
136612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
136712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
136812e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
136912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5OpenGLVBox.dll
137012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
137112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
137212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
137312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
137412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
137512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
137612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
137712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
137812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
137912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
138012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
138112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5PrintSupportVBox.dll
138212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
138312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
138412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
138512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
138612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
138712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
138812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
138912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
139012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
139112e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
139212e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll
139312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
139412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
139512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
139612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
139712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
139812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
139912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
140012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
140112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
140212e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
140312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
140412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
140512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
140612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
140712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
140812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
140912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
141012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
141112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
141212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
141312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
141412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
141512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
141612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
141712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
141812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
141912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
142012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
142112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
142212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
142312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
142412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
142512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
142612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004bc pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
142712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
142812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
142912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
143012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
143112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
143212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
143312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
143412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
143512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
143612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
143712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
143812e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
143912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
144012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
144112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
144212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
144312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
144412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b0 pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
144512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
144612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
144712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
144812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
144912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
145012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
145112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
145212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
145312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
145412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
145512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
145612e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
145712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
145812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
145912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
146012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b4 pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
146112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
146212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
146312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
146412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
146512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
146612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
146712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
146812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
146912e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
147012e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
147112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
147212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
147312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
147412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
147512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
147612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
147712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
147812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
147912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
148012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
148112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
148212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
148312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
148412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
148512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
148612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
148712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume1\Windows\System32\mpr.dll
148812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
148912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
149012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
149112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\mpr.dll'
149212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
149312e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mpr.dll) WinVerifyTrust
149412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mpr.dll
149512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
149612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
149712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
149812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
149912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
150012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
150112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
150212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
150312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
150412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
150512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
150612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
150712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
150812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
150912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
151012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
151112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
151212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
151312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
151412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
151512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
151612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
151712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
151812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
151912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
152012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
152112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
152212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
152312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
152412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
152512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
152612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
152712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
152812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
152912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
153012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
153112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
153212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
153312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
153412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
153512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
153612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
153712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
153812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
153912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
154012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
154112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
154212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
154312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
154412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
154512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
154612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
154712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
154812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
154912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
155012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
155112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
155212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d8 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
155312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
155412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
155512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
155612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
155712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
155812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
155912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
156012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
156112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
156212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
156312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
156412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
156512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
156612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
156712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
156812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
156912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
157012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
157112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
157212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
157312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
157412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
157512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
157612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
157712e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
157812e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
157912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
158012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
158112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
158212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
158312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
158412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
158512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
158612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
158712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll
158812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
158912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
159012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
159112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
159212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
159312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
159412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
159512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
159612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
159712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
159812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
159912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
160012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
160112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
160212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll
160312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
160412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
160512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
160612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
160712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
160812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
160912e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
161012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
161112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
161212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
161312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
161412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
161512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
161612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
161712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
161812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
161912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
162012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
162112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
162212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
162312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
162412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
162512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
162612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
162712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
162812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
162912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
163012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
163112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
163212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
163312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
163412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
163512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
163612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
163712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
163812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
163912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
164012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
164112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
164212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
164312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
164412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
164512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
164612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
164712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
164812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
164912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
165012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
165112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
165212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
165312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
165412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
165512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
165612e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
165712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
165812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
165912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
166012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
166112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
166212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
166312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
166412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
166512e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
166612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
166712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
166812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
166912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
167012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
167112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
167212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
167312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
167412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
167512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
167612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
167712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e4 pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
167812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
167912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
168012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
168112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
168212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
168312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
168412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
168512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
168612e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
168712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
168812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
168912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
169012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
169112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
169212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
169312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
169412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
169512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
169612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
169712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
169812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
169912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
170012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
170112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
170212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
170312e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll) WinVerifyTrust
170412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
170512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
170612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
170712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
170812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
170912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b8 pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
171012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
171112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
171212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31A74D9F0CD6EDF8FC5A0A644C3B997ABF30083E
171312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_175_for_KB3207752~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
171412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
171512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
171612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
171712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
171812e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
171912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
172012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
172112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
172212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
172312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
172412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
172512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
172612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
172712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
172812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
172912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
173012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
173112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
173212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
173312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
173412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
173512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
173612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
173712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
173812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
173912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
174012e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\devobj.dll) WinVerifyTrust
174112e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
174212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
174312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
174412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
174512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
174612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
174712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
174812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
174912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
175012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
175112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
175212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
175312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
175412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
175512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000500 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
175612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
175712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
175812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
175912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
176012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
176112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
176212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
176312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
176412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll) WinVerifyTrust
176512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
176612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
176712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
176812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
176912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
177012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
177112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
177212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
177312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
177412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
177512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
177612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
177712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
177812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
177912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
178012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
178112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
178212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
178312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
178412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
178512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
178612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
178712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
178812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
178912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c331:<flags> [calling]
179012e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll
179112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fee6900000 LB 0x008e7000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll [fFlags=0x0]
179212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll
179312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
179412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef2f90000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
179512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
179612e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
179712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef4a00000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
179812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
179912e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
180012e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef2e90000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
180112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
180212e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
180312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef4d70000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
180412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
180512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe830000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
180612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
180712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd240000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
180812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
180912e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd9f0000 LB 0x000da000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
181012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
181112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd6c0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
181212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
181312e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd220000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
181412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\devobj.dll
181512e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
181612e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefb3f0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
181712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
181812e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
181912e0.1d88: supR3HardenedDllNotificationCallback: load 0000000066040000 LB 0x00566000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
182012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
182112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefea10000 LB 0x00d89000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
182212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
182312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
182412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef9c50000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
182512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
182612e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
182712e0.1d88: supR3HardenedDllNotificationCallback: load 000007fedca60000 LB 0x005f7000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
182812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
182912e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll
183012e0.1d88: supR3HardenedDllNotificationCallback: load 0000000064da0000 LB 0x00561000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
183112e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5WidgetsVBox.dll
183212e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5PrintSupportVBox.dll
183312e0.1d88: supR3HardenedDllNotificationCallback: load 000007feeb440000 LB 0x00051000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
183412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5PrintSupportVBox.dll
183512e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
183612e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef9a60000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
183712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
183812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefe590000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
183912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
184012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
184112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
184212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
184312e0.1d88: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
184412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
184512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef9c70000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
184612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
184712e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5OpenGLVBox.dll
184812e0.1d88: supR3HardenedDllNotificationCallback: load 0000000057ea0000 LB 0x00054000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
184912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5OpenGLVBox.dll
185012e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
185112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefad30000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
185212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
185312e0.1d88: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
185412e0.1d88: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
185512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
185612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
185712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
185812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
185912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
186012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
186112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
186212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026b901:<flags> [calling]
186312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe630000 'C:\Windows\system32\imm32.dll'
186412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.DLL'
186512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
186612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
186712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd060000 'C:\Windows\system32\cryptbase.dll'
186812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee6900000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VirtualBox.dll'
186912e0.1d88: SUPR3HardenedMain: Calling TrustedMain (000007fee6901610)...
187012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
187112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026dc31:<flags> [calling]
187212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'C:\Windows\system32\ole32.dll'
187312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
187412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
187512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026c311:<flags> [calling]
187612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1c0000 'C:\Windows\system32\profapi.dll'
187712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
187812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
187912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
188012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
188112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
188212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
188312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
188412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
188512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
188612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
188712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
188812e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
188912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll
189012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
189112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
189212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
189312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
189412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5CoreVBox.dll
189512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
189612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
189712e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\Qt5GuiVBox.dll
189812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
189912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
190012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
190112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
190212e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
190312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
190412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
190512e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
190612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
190712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
190812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
190912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
191012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
191112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
191212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
191312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
191412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
191512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
191612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
191712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
191812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
191912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026e601:<flags> [calling]
192012e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll
192112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fee8cb0000 LB 0x0012e000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
192212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll
192312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8cb0000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\platforms\qwindows.dll'
192412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
192512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026e531:<flags> [calling]
192612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd060000 'C:\Windows\system32\CRYPTBASE.dll'
192712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077270000 'C:\Windows\system32\user32.dll'
192812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
192912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026e841:<flags> [calling]
193012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\shell32.dll'
193112e0.1d88: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
193212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026e721:<flags> [calling]
193312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
193412e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
193512e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ec61:<flags> [calling]
193612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
193712e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
193812e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ec61:<flags> [calling]
193912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
194012e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
194112e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ef41:<flags> [calling]
194212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\shell32.dll'
194312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000590 pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
194412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
194512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
194612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
194712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
194812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
194912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
195012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
195112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
195212e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
195312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
195412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
195512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
195612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
195712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
195812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
195912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
196012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ef11:<flags> [calling]
196112e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
196212e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefbb50000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
196312e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
196412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbb50000 'C:\Windows\system32\uxtheme.dll'
196512e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\advapi32.dll'
196612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
196712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ee71:<flags> [calling]
196812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd200000 'C:\Windows\system32\userenv.dll'
196912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
197012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ef51:<flags> [calling]
197112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077370000 'C:\Windows\system32\kernel32.dll'
197212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005ac pwszName=\Device\HarddiskVolume1\Windows\System32\clbcatq.dll
197312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
197412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
197512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
197612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\clbcatq.dll'
197712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
197812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
197912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
198012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
198112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
198212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
198312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
198412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll) WinVerifyTrust
198512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
198612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
198712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
198812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
198912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
199012e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
199112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
199212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
199312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
199412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
199512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
199612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
199712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
199812e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
199912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
200012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
200112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
200212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026bcd1:<flags> [calling]
200312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
200412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd930000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
200512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
200612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd930000 'C:\Windows\system32\CLBCatQ.DLL'
200712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
200812e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
200912e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026aac1:<flags> [calling]
201012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca00000 'C:\Windows\system32\CRYPTSP.dll'
201112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005d4 pwszName=\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
201212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
201312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
201412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
201512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll'
201612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
201712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
201812e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
201912e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
202012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
202112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
202212e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026a691:<flags> [calling]
202312e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
202412e0.1d88: supR3HardenedDllNotificationCallback: load 000007fefd070000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
202512e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
202612e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd070000 'C:\Windows\system32\RpcRtRemote.dll'
202712e0.21d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
202812e0.21d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a1f831:<flags> [calling]
202912e0.21d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
203012e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
203112e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
203212e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
203312e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
203412e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
203512e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
203612e0.1e30: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll) WinVerifyTrust
203712e0.1e30: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll
203812e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
203912e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
204012e0.1e30: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
204112e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
204212e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
204312e0.1e30: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
204412e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
204512e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
204612e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
204712e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
204812e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
204912e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
205012e0.1e30: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
205112e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
205212e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
205312e0.1e30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000048ee391:<flags> [calling]
205412e0.1e30: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll
205512e0.1e30: supR3HardenedDllNotificationCallback: load 000007fedc560000 LB 0x004f5000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll [fFlags=0x0]
205612e0.1e30: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll
205712e0.1e30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedc560000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll'
205812e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
205912e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
206012e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
206112e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
206212e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
206312e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
206412e0.1e30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
206512e0.1e30: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
206612e0.1e30: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll
206712e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
206812e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
206912e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
207012e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
207112e0.1e30: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
207212e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
207312e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
207412e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
207512e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
207612e0.1e30: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
207712e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
207812e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
207912e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
208012e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
208112e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
208212e0.1e30: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
208312e0.1e30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000048eceb1:<flags> [calling]
208412e0.1e30: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll
208512e0.1e30: supR3HardenedDllNotificationCallback: load 000007fee9520000 LB 0x000b5000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
208612e0.1e30: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll
208712e0.1e30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9520000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll'
208812e0.1e30: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
208912e0.1e30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000048ecd31:<flags> [calling]
209012e0.1e30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\oleaut32.dll'
209112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
209212e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe680000 'C:\Windows\system32\gdi32.dll'
209312e0.1db0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
209412e0.1db0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
209512e0.1db0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
209612e0.1db0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
209712e0.1db0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
209812e0.1db0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
209912e0.1db0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
210012e0.1db0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
210112e0.1db0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004a9a2b1:<flags> [calling]
210212e0.1db0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
210312e0.1db0: supR3HardenedDllNotificationCallback: load 000007fef6550000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
210412e0.1db0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
210512e0.1db0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6550000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL'
210612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
210712e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026aa31:<flags> [calling]
210812e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\shell32.dll'
210912e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'C:\Windows\system32\ole32.dll'
211012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'C:\Windows\system32\ole32.dll'
211112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
211212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000094c pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
211312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
211412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
211512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=541BC1754BDA66C5AFA188863CAE97A8C1A394C2
211612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Microsoft-Windows-WMI-Package~31bf3856ad364e35~amd64~~7.2.7601.16406.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll'
211712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
211812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
211912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
212012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
212112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'wbemcomn2.dll'.
212212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
212312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
212412e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
212512e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
212612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
212712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
212812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
212912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
213012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn2.dll'...
213112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn2.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll' [rcNtRedir=0xc0150008]
213212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000958 pwszName=\Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll
213312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
213412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
213512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AD4FA9A58F96284E34EDF1205B814E6FB4E98BDE
213612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Microsoft-Windows-WMI-Package~31bf3856ad364e35~amd64~~7.2.7601.16406.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll'
213712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
213812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
213912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
214012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
214112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
214212e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll) WinVerifyTrust
214312e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll
214412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
214512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
214612e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
214712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
214812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
214912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
215012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
215112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
215212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
215312e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
215412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
215512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
215612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
215712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
215812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
215912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
216012e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000266761:<flags> [calling]
216112e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
216212e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef8960000 LB 0x0000d000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
216312e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
216412e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll
216512e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef88e0000 LB 0x00078000 C:\Windows\system32\wbemcomn2.dll [fFlags=0x0]
216612e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll
216712e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8960000 'C:\Windows\system32\wbem\wbemprox.dll'
216812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000980 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
216912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
217012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
217112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=656D0EABE265B629988CC39100476C9B333D0E51
217212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Microsoft-Windows-WMI-Package~31bf3856ad364e35~amd64~~7.2.7601.16406.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll'
217312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
217412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
217512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
217612e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
217712e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
217812e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
217912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
218012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
218112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
218212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
218312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
218412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
218512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
218612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000266361:<flags> [calling]
218712e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
218812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef7fe0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
218912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
219012e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7fe0000 'C:\Windows\system32\wbem\wbemsvc.dll'
219112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000984 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
219212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
219312e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
219412e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936A9106F3BC7A8864E839CB63D424609B958DF2
219512e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Microsoft-Windows-WMI-Package~31bf3856ad364e35~amd64~~7.2.7601.16406.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll'
219612e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
219712e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
219812e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
219912e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn2.dll'.
220012e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
220112e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
220212e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ntdsapi.dll'.
220312e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
220412e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
220512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
220612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
220712e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000964 pwszName=\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
220812e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
220912e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
221012e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
221112e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll'
221212e0.1d88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
221312e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
221412e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
221512e0.1d88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
221612e0.1d88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll) WinVerifyTrust
221712e0.1d88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
221812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
221912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
222012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
222112e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
222212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn2.dll'...
222312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn2.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll' [rcNtRedir=0xc0150008]
222412e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn2.dll
222512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
222612e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
222712e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
222812e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
222912e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
223012e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
223112e0.1d88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
223212e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
223312e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
223412e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
223512e0.1d88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
223612e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000266361:<flags> [calling]
223712e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
223812e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef81c0000 LB 0x000d0000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
223912e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
224012e0.1d88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
224112e0.1d88: supR3HardenedDllNotificationCallback: load 000007fef8190000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
224212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
224312e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef81c0000 'C:\Windows\system32\wbem\fastprox.dll'
224412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\OLEAUT32.dll'
224512e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
224612e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
224712e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
224812e0.214c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll) WinVerifyTrust
224912e0.214c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
225012e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
225112e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
225212e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
225312e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
225412e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
225512e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
225612e0.214c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
225712e0.214c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxREM.dll) WinVerifyTrust
225812e0.214c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxREM.dll
225912e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
226012e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
226112e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
226212e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
226312e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
226412e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
226512e0.214c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
226612e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
226712e0.214c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
226812e0.214c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006b8e691:<flags> [calling]
226912e0.214c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
227012e0.214c: supR3HardenedDllNotificationCallback: load 000007fee8390000 LB 0x0029f000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
227112e0.214c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
227212e0.214c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxREM.dll
227312e0.214c: supR3HardenedDllNotificationCallback: load 0000000057860000 LB 0x0010b000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxREM.dll [fFlags=0x0]
227412e0.214c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxREM.dll
227512e0.214c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8390000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL'
227612e0.1c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
227712e0.1c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
227812e0.1c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
227912e0.1c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
228012e0.1c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
228112e0.1c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.dll
228212e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
228312e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
228412e0.1c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
228512e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
228612e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
228712e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
228812e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
228912e0.1c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
229012e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
229112e0.1c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
229212e0.1c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006dfdbb1:<flags> [calling]
229312e0.1c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.dll
229412e0.1c68: supR3HardenedDllNotificationCallback: load 000007fef4920000 LB 0x0000b000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
229512e0.1c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.dll
229612e0.1c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4920000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.DLL'
229712e0.1c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077270000 'C:\Windows\system32\User32.dll'
229812e0.206c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
229912e0.206c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
230012e0.206c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
230112e0.206c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
230212e0.206c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.dll
230312e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
230412e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
230512e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
230612e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
230712e0.206c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll
230812e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
230912e0.206c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
231012e0.206c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll
231112e0.206c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000716dab1:<flags> [calling]
231212e0.206c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.dll
231312e0.206c: supR3HardenedDllNotificationCallback: load 000007fef48f0000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
231412e0.206c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.dll
231512e0.206c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef48f0000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.DLL'
231612e0.fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
231712e0.fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
231812e0.fd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
231912e0.fd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
232012e0.fd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.dll
232112e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
232212e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
232312e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
232412e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
232512e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
232612e0.fd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
232712e0.fd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000073dd781:<flags> [calling]
232812e0.fd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.dll
232912e0.fd0: supR3HardenedDllNotificationCallback: load 000007fef48e0000 LB 0x0000c000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
233012e0.fd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.dll
233112e0.fd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef48e0000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.DLL'
233212e0.236c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
233312e0.236c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
233412e0.236c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
233512e0.236c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
233612e0.236c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.dll
233712e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
233812e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
233912e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
234012e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
234112e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
234212e0.236c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
234312e0.236c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000076ed791:<flags> [calling]
234412e0.236c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.dll
234512e0.236c: supR3HardenedDllNotificationCallback: load 000007fef1410000 LB 0x0000b000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
234612e0.236c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.dll
234712e0.236c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1410000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.DLL'
234812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea10000 'C:\Windows\system32\Shell32.dll'
234912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000006cf92e1:<flags> [calling]
235012e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
235112e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
235212e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfb611:<flags> [calling]
235312e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8390000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL'
235412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
235512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
235612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
235712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
235812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
235912e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
236012e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
236112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
236212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
236312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
236412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
236512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
236612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
236712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
236812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
236912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
237012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
237112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfc7c1:<flags> [calling]
237212e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
237312e0.a88: supR3HardenedDllNotificationCallback: load 000007fef0420000 LB 0x0002d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
237412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
237512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0420000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
237612e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef0420000 LB 0x0002d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
237712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
237812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
237912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
238012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
238112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
238212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
238312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
238412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
238512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
238612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
238712e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.dll) WinVerifyTrust
238812e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.dll
238912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
239012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
239112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ba0 pwszName=\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
239212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
239312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
239412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
239512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL'
239612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
239712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
239812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
239912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
240012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
240112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
240212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
240312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
240412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
240512e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
240612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
240712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
240812e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
240912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
241012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
241112e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
241212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
241312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
241412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
241512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
241612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
241712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
241812e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll) WinVerifyTrust
241912e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll
242012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
242112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
242212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
242312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
242412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
242512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
242612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
242712e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll) WinVerifyTrust
242812e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll
242912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
243012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
243112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
243212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
243312e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
243412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
243512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
243612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
243712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
243812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
243912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
244012e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
244112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
244212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
244312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
244412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
244512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
244612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
244712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
244812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
244912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
245012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
245112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
245212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
245312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
245412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
245512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b8c pwszName=\Device\HarddiskVolume1\Windows\System32\winnsi.dll
245612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
245712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
245812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
245912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winnsi.dll'
246012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
246112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
246212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
246312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
246412e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winnsi.dll) WinVerifyTrust
246512e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winnsi.dll
246612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
246712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
246812e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
246912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
247012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
247112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
247212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
247312e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
247412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
247512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
247612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
247712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
247812e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd7b1:<flags> [calling]
247912e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.dll
248012e0.a88: supR3HardenedDllNotificationCallback: load 000007fedbbb0000 LB 0x009ad000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.DLL [fFlags=0x0]
248112e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.dll
248212e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll
248312e0.a88: supR3HardenedDllNotificationCallback: load 000007fef0450000 LB 0x00058000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll [fFlags=0x0]
248412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll
248512e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll
248612e0.a88: supR3HardenedDllNotificationCallback: load 000007feeaa40000 LB 0x0005d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll [fFlags=0x0]
248712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll
248812e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
248912e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa3f0000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
249012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
249112e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
249212e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa3e0000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
249312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
249412e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedbbb0000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.DLL'
249512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
249612e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd7b1:<flags> [calling]
249712e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
249812e0.a88: supR3HardenedDllNotificationCallback: load 000007fef0510000 LB 0x0002d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
249912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
250012e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0510000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
250112e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll
250212e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd7b1:<flags> [calling]
250312e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedc560000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.DLL'
250412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll
250512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd6c1:<flags> [calling]
250612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeaa40000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.DLL'
250712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
250812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
250912e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
251012e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
251112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
251212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
251312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
251412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
251512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd6c1:<flags> [calling]
251612e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
251712e0.a88: supR3HardenedDllNotificationCallback: load 000007fef0700000 LB 0x0001e000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
251812e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
251912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0700000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
252012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
252112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
252212e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
252312e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
252412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
252512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
252612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
252712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
252812e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd6c1:<flags> [calling]
252912e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
253012e0.a88: supR3HardenedDllNotificationCallback: load 000007fef04f0000 LB 0x00017000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
253112e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
253212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef04f0000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
253312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
253412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
253512e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
253612e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
253712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
253812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
253912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
254012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
254112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd6c1:<flags> [calling]
254212e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
254312e0.a88: supR3HardenedDllNotificationCallback: load 000007fef0430000 LB 0x00017000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
254412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
254512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0430000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
254612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
254712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
254812e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
254912e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
255012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
255112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
255212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
255312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
255412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd6c1:<flags> [calling]
255512e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
255612e0.a88: supR3HardenedDllNotificationCallback: load 000007feef900000 LB 0x00019000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
255712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
255812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feef900000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
255912e0.15ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
256012e0.15ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
256112e0.15ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
256212e0.15ec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
256312e0.15ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.dll
256412e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
256512e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
256612e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
256712e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
256812e0.15ec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
256912e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
257012e0.15ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
257112e0.15ec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000bb9d741:<flags> [calling]
257212e0.15ec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.dll
257312e0.15ec: supR3HardenedDllNotificationCallback: load 000007fef1400000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
257412e0.15ec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.dll
257512e0.15ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1400000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.DLL'
257612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
257712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
257812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
257912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
258012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
258112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
258212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
258312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
258412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
258512e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
258612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
258712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
258812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
258912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
259012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
259112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
259212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
259312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
259412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfedf1:<flags> [calling]
259512e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
259612e0.a88: supR3HardenedDllNotificationCallback: load 000007fee9430000 LB 0x000e5000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
259712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
259812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9430000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
259912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
260012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd621:<flags> [calling]
260112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa3f0000 'C:\Windows\system32\Iphlpapi.dll'
260212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cb8 pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
260312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
260412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
260512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
260612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll'
260712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
260812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
260912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
261012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
261112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
261212e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll) WinVerifyTrust
261312e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
261412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
261512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
261612e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
261712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
261812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
261912e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
262012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
262112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
262212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
262312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
262412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe7c1:<flags> [calling]
262512e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
262612e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa270000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
262712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
262812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa270000 'C:\Windows\system32\dhcpcsvc.DLL'
262912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
263012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe421:<flags> [calling]
263112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa3f0000 'C:\Windows\system32\IPHLPAPI.DLL'
263212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cbc pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
263312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
263412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
263512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B9B444EEE6F858BAE572BDDE53A4FA1A1E7957B
263612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll'
263712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
263812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
263912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
264012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
264112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll) WinVerifyTrust
264212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
264312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
264412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
264512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
264612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
264712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
264812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
264912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe771:<flags> [calling]
265012e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
265112e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa1f0000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
265212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
265312e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1f0000 'C:\Windows\system32\dhcpcsvc6.DLL'
265412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
265512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe491:<flags> [calling]
265612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa3f0000 'C:\Windows\system32\IPHLPAPI.DLL'
265712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d4c pwszName=\Device\HarddiskVolume1\Windows\System32\dsound.dll
265812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
265912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
266012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
266112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\dsound.dll'
266212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
266312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
266412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
266512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
266612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
266712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
266812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
266912e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dsound.dll) WinVerifyTrust
267012e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dsound.dll
267112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
267212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume1\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
267312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d50 pwszName=\Device\HarddiskVolume1\Windows\System32\powrprof.dll
267412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
267512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
267612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
267712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\powrprof.dll'
267812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
267912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
268012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
268112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
268212e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\powrprof.dll) WinVerifyTrust
268312e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\powrprof.dll
268412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
268512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
268612e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
268712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
268812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
268912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
269012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
269112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
269212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
269312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
269412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
269512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
269612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
269712e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
269812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
269912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
270012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
270112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
270212e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd621:<flags> [calling]
270312e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
270412e0.a88: supR3HardenedDllNotificationCallback: load 000007fef30b0000 LB 0x00088000 C:\Windows\System32\dsound.dll [fFlags=0x0]
270512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
270612e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
270712e0.a88: supR3HardenedDllNotificationCallback: load 000007fefb750000 LB 0x0002c000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
270812e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
270912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
271012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfc991:<flags> [calling]
271112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\System32\dsound.dll'
271212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\System32\dsound.dll'
271312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
271412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd671:<flags> [calling]
271512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\system32\dsound.dll'
271612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d60 pwszName=\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
271712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
271812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
271912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
272012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll'
272112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
272212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
272312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
272412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
272512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
272612e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll) WinVerifyTrust
272712e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
272812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
272912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume1\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
273012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d78 pwszName=\Device\HarddiskVolume1\Windows\System32\propsys.dll
273112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
273212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
273312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
273412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\propsys.dll'
273512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
273612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
273712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
273812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
273912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
274012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
274112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\propsys.dll) WinVerifyTrust
274212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\propsys.dll
274312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
274412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
274512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
274612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
274712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
274812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
274912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
275012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
275112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
275212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
275312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
275412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
275512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
275612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
275712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
275812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
275912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd0f1:<flags> [calling]
276012e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
276112e0.a88: supR3HardenedDllNotificationCallback: load 000007fefb700000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
276212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
276312e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
276412e0.a88: supR3HardenedDllNotificationCallback: load 000007fefb5d0000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
276512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
276612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6f0000 'C:\Windows\system32\ADVAPI32.dll'
276712e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb700000 'C:\Windows\System32\MMDevApi.dll'
276812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'C:\Windows\system32\ole32.dll'
276912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
277012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd401:<flags> [calling]
277112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe830000 'C:\Windows\system32\SETUPAPI.dll'
277212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
277312e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe271:<flags> [calling]
277412e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe240000 'C:\Windows\system32\SHLWAPI.dll'
277512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
277612e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe491:<flags> [calling]
277712e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb700000 'C:\Windows\system32\MMDEVAPI.DLL'
277812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6c0000 'C:\Windows\system32\ole32.dll'
277912e0.217c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
278012e0.217c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000001462f391:<flags> [calling]
278112e0.217c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd240000 'C:\Windows\system32\CFGMGR32.dll'
278212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
278312e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfe0c1:<flags> [calling]
278412e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
278512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000006cfdf21:<flags> [calling]
278612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
278712e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000006cfdf21:<flags> [calling]
278812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9d0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
278912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd590000 'C:\Windows\system32\RPCRT4.dll'
279012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
279112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdf81:<flags> [calling]
279212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb700000 'C:\Windows\system32\MMDevAPI.DLL'
279312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db0 pwszName=\Device\HarddiskVolume1\Windows\System32\wdmaud.drv
279412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
279512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
279612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
279712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wdmaud.drv'
279812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
279912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
280012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
280112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
280212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
280312e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
280412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
280512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
280612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
280712e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wdmaud.drv) WinVerifyTrust
280812e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
280912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
281012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
281112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db4 pwszName=\Device\HarddiskVolume1\Windows\System32\avrt.dll
281212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
281312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
281412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
281512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\avrt.dll'
281612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
281712e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\avrt.dll) WinVerifyTrust
281812e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\avrt.dll
281912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
282012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
282112e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
282212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
282312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume1\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
282412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000da0 pwszName=\Device\HarddiskVolume1\Windows\System32\ksuser.dll
282512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
282612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
282712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D99CFB3BFCA1F454FC7109DB98D18923ABBA361
282812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB3110329~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ksuser.dll'
282912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
283012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
283112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ksuser.dll) WinVerifyTrust
283212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ksuser.dll
283312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
283412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
283512e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
283612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
283712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
283812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
283912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
284012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
284112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
284212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
284312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
284412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
284512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
284612e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdaf1:<flags> [calling]
284712e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
284812e0.a88: supR3HardenedDllNotificationCallback: load 000007fefac60000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
284912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
285012e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
285112e0.a88: supR3HardenedDllNotificationCallback: load 0000000074f30000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
285212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
285312e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
285412e0.a88: supR3HardenedDllNotificationCallback: load 000007fefbdd0000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
285512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
285612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
285712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
285812e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdaf1:<flags> [calling]
285912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
286012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
286112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdca1:<flags> [calling]
286212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
286312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
286412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdca1:<flags> [calling]
286512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
286612e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
286712e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdca1:<flags> [calling]
286812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
286912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dec pwszName=\Device\HarddiskVolume1\Windows\System32\AudioSes.dll
287012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
287112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
287212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A3BDEC1E955295C342E14C90909598248B24E5B
287312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_134_for_KB3197868~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume1\Windows\System32\AudioSes.dll'
287412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
287512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
287612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
287712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
287812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
287912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
288012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
288112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
288212e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\AudioSes.dll) WinVerifyTrust
288312e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
288412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
288512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
288612e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
288712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
288812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
288912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
289012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
289112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
289212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
289312e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
289412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
289512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
289612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
289712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
289812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
289912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
290012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdcb1:<flags> [calling]
290112e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
290212e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa9b0000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
290312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
290412e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9b0000 'C:\Windows\system32\AUDIOSES.DLL'
290512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
290612e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdca1:<flags> [calling]
290712e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
290812e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
290912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdca1:<flags> [calling]
291012e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
291112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefac60000 'C:\Windows\system32\wdmaud.drv'
291212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dc8 pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.drv
291312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
291412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
291512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
291612e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.drv'
291712e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
291812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
291912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
292012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
292112e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
292212e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
292312e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.drv) WinVerifyTrust
292412e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.drv
292512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
292612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
292712e0.a88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
292812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
292912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
293012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ddc pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.dll
293112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
293212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
293312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
293412e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.dll'
293512e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
293612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
293712e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
293812e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
293912e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
294012e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
294112e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.dll) WinVerifyTrust
294212e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.dll
294312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
294412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
294512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
294612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
294712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
294812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
294912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
295012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
295112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
295212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
295312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
295412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
295512e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
295612e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
295712e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
295812e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
295912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdaa1:<flags> [calling]
296012e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
296112e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa9a0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
296212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
296312e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
296412e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa980000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
296512e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
296612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
296712e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
296812e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
296912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
297012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
297112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
297212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
297312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
297412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
297512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
297612e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
297712e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
297812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
297912e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
298012e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
298112e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
298212e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
298312e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd4a1:<flags> [calling]
298412e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
298512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
298612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
298712e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa9a0000 'C:\Windows\system32\msacm32.drv'
298812e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000de8 pwszName=\Device\HarddiskVolume1\Windows\System32\midimap.dll
298912e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
299012e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
299112e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
299212e0.a88: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\midimap.dll'
299312e0.a88: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
299412e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
299512e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
299612e0.a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
299712e0.a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\midimap.dll) WinVerifyTrust
299812e0.a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\midimap.dll
299912e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
300012e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
300112e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
300212e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
300312e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
300412e0.a88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
300512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdaa1:<flags> [calling]
300612e0.a88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
300712e0.a88: supR3HardenedDllNotificationCallback: load 000007fefa970000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
300812e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
300912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa970000 'C:\Windows\system32\midimap.dll'
301012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
301112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd471:<flags> [calling]
301212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa970000 'C:\Windows\system32\midimap.dll'
301312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
301412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd471:<flags> [calling]
301512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa970000 'C:\Windows\system32\midimap.dll'
301612e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
301712e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdaa1:<flags> [calling]
301812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa970000 'C:\Windows\system32\midimap.dll'
301912e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
302012e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
302112e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd661:<flags> [calling]
302212e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\system32\dsound.dll'
302312e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
302412e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
302512e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfd831:<flags> [calling]
302612e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\system32\dsound.dll'
302712e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
302812e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.dll
302912e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdfc1:<flags> [calling]
303012e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8390000 'C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxVMM.DLL'
303112e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\WINMM.dll'
303212e0.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fe0 pwszName=\Device\HarddiskVolume1\Windows\System32\mswsock.dll
303312e0.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
303412e0.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
303512e0.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A0B91C962716871F5DE8282805DA288326E03A9F
303612e0.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\mswsock.dll'
303712e0.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
303812e0.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
303912e0.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
304012e0.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
304112e0.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
304212e0.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mswsock.dll) WinVerifyTrust
304312e0.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mswsock.dll
304412e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
304512e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
304612e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
304712e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
304812e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
304912e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
305012e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
305112e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
305212e0.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000001408efa1:<flags> [calling]
305312e0.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
305412e0.430: supR3HardenedDllNotificationCallback: load 000007fefc9a0000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
305512e0.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
305612e0.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9a0000 'C:\Windows\system32\mswsock.dll'
305712e0.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001008 pwszName=\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
305812e0.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000707350
305912e0.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000707350
306012e0.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
306112e0.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL'
306212e0.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
306312e0.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
306412e0.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL) WinVerifyTrust
306512e0.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
306612e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
306712e0.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
306812e0.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000001408f141:<flags> [calling]
306912e0.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
307012e0.430: supR3HardenedDllNotificationCallback: load 000007fefc370000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
307112e0.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
307212e0.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc370000 'C:\Windows\System32\wshtcpip.dll'
307312e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
307412e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cfdc61:<flags> [calling]
307512e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef30b0000 'C:\Windows\system32\dsound.dll'
307612e0.a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
307712e0.a88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000006cff011:<flags> [calling]
307812e0.a88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefad30000 'C:\Windows\system32\winmm.dll'
307912e0.15ec: supR3HardenedDllNotificationCallback: Unload 000007fef1400000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
308012e0.236c: supR3HardenedDllNotificationCallback: Unload 000007fef1410000 LB 0x0000b000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
308112e0.fd0: supR3HardenedDllNotificationCallback: Unload 000007fef48e0000 LB 0x0000c000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
308212e0.206c: supR3HardenedDllNotificationCallback: Unload 000007fef48f0000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
308312e0.1c68: supR3HardenedDllNotificationCallback: Unload 000007fef4920000 LB 0x0000b000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
308412e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fefc370000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [flags=0x0]
308512e0.a88: supR3HardenedDllNotificationCallback: Unload 000007feef900000 LB 0x00019000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [flags=0x0]
308612e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef0430000 LB 0x00017000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [flags=0x0]
308712e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef04f0000 LB 0x00017000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [flags=0x0]
308812e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef0700000 LB 0x0001e000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [flags=0x0]
308912e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef0510000 LB 0x0002d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
309012e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fedbbb0000 LB 0x009ad000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD.DLL [flags=0x0]
309112e0.a88: supR3HardenedDllNotificationCallback: Unload 000007feeaa40000 LB 0x0005d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDD2.dll [flags=0x0]
309212e0.a88: supR3HardenedDllNotificationCallback: Unload 000007fef0450000 LB 0x00058000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxDDU.dll [flags=0x0]
309312e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef6550000 LB 0x0000d000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [flags=0x0]
309412e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef81c0000 LB 0x000d0000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
309512e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef8190000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [flags=0x0]
309612e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef7fe0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
309712e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef8960000 LB 0x0000d000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
309812e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fef88e0000 LB 0x00078000 C:\Windows\system32\wbemcomn2.dll [flags=0x0]
309912e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fee9520000 LB 0x000b5000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxProxyStub.dll [flags=0x0]
310012e0.1d88: supR3HardenedDllNotificationCallback: Unload 000007fedc560000 LB 0x004f5000 C:\Program Files (x86)\WirtgenGroupSolutions\VirtualBox\VirtualBox\VBoxC.dll [flags=0x0]
310112e0.1d88: Terminating the normal way: rcExit=0
310212e0.1d88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
310312e0.1d88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000026ed11:<flags> [calling]
310412e0.1d88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\WINTRUST.dll'
31052564.1904: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 37598 ms, the end);
31061770.2404: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 38205 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy