VirtualBox

Ticket #17026: VBoxHardening.log

File VBoxHardening.log, 406.1 KB (added by H4rDw4rE, 7 years ago)
Line 
1ce4.e74: Log file opened: 5.1.26r117224 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2ce4.e74: \SystemRoot\System32\ntdll.dll:
3ce4.e74: CreationTime: 2017-05-03T20:37:09.450097400Z
4ce4.e74: LastWriteTime: 2017-03-08T04:34:53.679171200Z
5ce4.e74: ChangeTime: 2017-05-03T20:53:26.588413600Z
6ce4.e74: FileAttributes: 0x20
7ce4.e74: Size: 0x1a7100
8ce4.e74: NT Headers: 0xe0
9ce4.e74: Timestamp: 0x58bf89e8
10ce4.e74: Machine: 0x8664 - amd64
11ce4.e74: Timestamp: 0x58bf89e8
12ce4.e74: Image Version: 6.1
13ce4.e74: SizeOfImage: 0x1aa000 (1744896)
14ce4.e74: Resource Dir: 0x14e000 LB 0x5a028
15ce4.e74: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16ce4.e74: [Raw version resource data: 0x14e0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17ce4.e74: ProductName: Microsoft® Windows® Operating System
18ce4.e74: ProductVersion: 6.1.7601.23714
19ce4.e74: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
20ce4.e74: FileDescription: NT Layer DLL
21ce4.e74: \SystemRoot\System32\kernel32.dll:
22ce4.e74: CreationTime: 2017-05-03T20:37:07.560989300Z
23ce4.e74: LastWriteTime: 2017-03-08T04:33:07.549000000Z
24ce4.e74: ChangeTime: 2017-05-03T20:53:27.352814900Z
25ce4.e74: FileAttributes: 0x20
26ce4.e74: Size: 0x11c000
27ce4.e74: NT Headers: 0xe0
28ce4.e74: Timestamp: 0x58bf8a2d
29ce4.e74: Machine: 0x8664 - amd64
30ce4.e74: Timestamp: 0x58bf8a2d
31ce4.e74: Image Version: 6.1
32ce4.e74: SizeOfImage: 0x11f000 (1175552)
33ce4.e74: Resource Dir: 0x116000 LB 0x528
34ce4.e74: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35ce4.e74: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36ce4.e74: ProductName: Microsoft® Windows® Operating System
37ce4.e74: ProductVersion: 6.1.7601.23714
38ce4.e74: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
39ce4.e74: FileDescription: Windows NT BASE API Client DLL
40ce4.e74: \SystemRoot\System32\KernelBase.dll:
41ce4.e74: CreationTime: 2017-05-03T20:37:07.882007700Z
42ce4.e74: LastWriteTime: 2017-03-08T04:33:07.564000000Z
43ce4.e74: ChangeTime: 2017-05-03T20:53:27.352814900Z
44ce4.e74: FileAttributes: 0x20
45ce4.e74: Size: 0x66800
46ce4.e74: NT Headers: 0xe8
47ce4.e74: Timestamp: 0x58bf8a2e
48ce4.e74: Machine: 0x8664 - amd64
49ce4.e74: Timestamp: 0x58bf8a2e
50ce4.e74: Image Version: 6.1
51ce4.e74: SizeOfImage: 0x6a000 (434176)
52ce4.e74: Resource Dir: 0x68000 LB 0x530
53ce4.e74: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54ce4.e74: [Raw version resource data: 0x680b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
55ce4.e74: ProductName: Microsoft® Windows® Operating System
56ce4.e74: ProductVersion: 6.1.7601.23714
57ce4.e74: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
58ce4.e74: FileDescription: Windows NT BASE API Client DLL
59ce4.e74: \SystemRoot\System32\apisetschema.dll:
60ce4.e74: CreationTime: 2017-05-03T20:37:00.639593500Z
61ce4.e74: LastWriteTime: 2017-03-08T04:33:02.304000000Z
62ce4.e74: ChangeTime: 2017-05-03T20:53:26.557213500Z
63ce4.e74: FileAttributes: 0x20
64ce4.e74: Size: 0x1a00
65ce4.e74: NT Headers: 0xc0
66ce4.e74: Timestamp: 0x58bf89c7
67ce4.e74: Machine: 0x8664 - amd64
68ce4.e74: Timestamp: 0x58bf89c7
69ce4.e74: Image Version: 6.1
70ce4.e74: SizeOfImage: 0x50000 (327680)
71ce4.e74: Resource Dir: 0x30000 LB 0x3f8
72ce4.e74: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73ce4.e74: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
74ce4.e74: ProductName: Microsoft® Windows® Operating System
75ce4.e74: ProductVersion: 6.1.7601.23714
76ce4.e74: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
77ce4.e74: FileDescription: ApiSet Schema DLL
78ce4.e74: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79ce4.e74: supR3HardenedWinFindAdversaries: 0x0
80ce4.e74: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
81ce4.e74: Calling main()
82ce4.e74: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
83ce4.e74: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
84ce4.e74: SUPR3HardenedMain: Respawn #1
85ce4.e74: System32: \Device\HarddiskVolume1\Windows\System32
86ce4.e74: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
87ce4.e74: KnownDllPath: C:\Windows\system32
88ce4.e74: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
89ce4.e74: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
90ce4.e74: supR3HardNtEnableThreadCreation:
91ce4.e74: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007783a360 pvNtTerminateThread=000000007785c260
92ce4.e74: supR3HardenedWinDoReSpawn(1): New child 1af8.dc0 [kernel32].
93ce4.e74: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380
94ce4.e74: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077810000 uNtDllChildAddr=0000000077810000
95ce4.e74: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007783a360
96ce4.e74: supR3HardenedWinSetupChildInit: Start child.
97ce4.e74: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 2 ms.
98ce4.e74: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
99ce4.e74: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
100ce4.e74: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
101ce4.e74: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
102ce4.e74: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
103ce4.e74: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
104ce4.e74: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
105ce4.e74: 0000000000041000-000000000008ffff 0x0001/0x0000 0x0000000
106ce4.e74: *0000000000090000-000000000018bfff 0x0000/0x0004 0x0020000
107ce4.e74: 000000000018c000-000000000018dfff 0x0104/0x0004 0x0020000
108ce4.e74: 000000000018e000-000000000018ffff 0x0004/0x0004 0x0020000
109ce4.e74: 0000000000190000-000000007780ffff 0x0001/0x0000 0x0000000
110ce4.e74: *0000000077810000-0000000077810fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
111ce4.e74: 0000000077811000-000000007790dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
112ce4.e74: 000000007790e000-000000007793cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
113ce4.e74: 000000007793d000-0000000077946fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
114ce4.e74: 0000000077947000-0000000077947fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
115ce4.e74: 0000000077948000-000000007794afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
116ce4.e74: 000000007794b000-00000000779b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
117ce4.e74: 00000000779ba000-000000007efdffff 0x0001/0x0000 0x0000000
118ce4.e74: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
119ce4.e74: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
120ce4.e74: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
121ce4.e74: 000000007fff0000-000000013f93ffff 0x0001/0x0000 0x0000000
122ce4.e74: *000000013f940000-000000013f940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
123ce4.e74: 000000013f941000-000000013f9b0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
124ce4.e74: 000000013f9b1000-000000013f9b1fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
125ce4.e74: 000000013f9b2000-000000013f9f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
126ce4.e74: 000000013f9f8000-000000013f9f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
127ce4.e74: 000000013f9f9000-000000013f9f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
128ce4.e74: 000000013f9fa000-000000013f9fefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
129ce4.e74: 000000013f9ff000-000000013f9fffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
130ce4.e74: 000000013fa00000-000000013fa00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
131ce4.e74: 000000013fa01000-000000013fa04fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
132ce4.e74: 000000013fa05000-000000013fa4cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
133ce4.e74: 000000013fa4d000-000007feffb2ffff 0x0001/0x0000 0x0000000
134ce4.e74: *000007feffb30000-000007feffb30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
135ce4.e74: 000007feffb31000-000007fffffaffff 0x0001/0x0000 0x0000000
136ce4.e74: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
137ce4.e74: *000007fffffd3000-000007fffffd3fff 0x0004/0x0004 0x0020000
138ce4.e74: 000007fffffd4000-000007fffffddfff 0x0001/0x0000 0x0000000
139ce4.e74: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
140ce4.e74: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
141ce4.e74: apisetschema.dll: timestamp 0x58bf89c7 (rc=VINF_SUCCESS)
142ce4.e74: VirtualBox.exe: timestamp 0x5979cfa2 (rc=VINF_SUCCESS)
143ce4.e74: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
144ce4.e74: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
145ce4.e74: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
146ce4.e74: supR3HardNtChildPurify: Done after 284 ms and 0 fixes (loop #0).
147ce4.e74: supR3HardNtEnableThreadCreation:
1481af8.dc0: Log file opened: 5.1.26r117224 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
1491af8.dc0: supR3HardenedVmProcessInit: uNtDllAddr=0000000077810000 g_uNtVerCombined=0x611db100
1501af8.dc0: ntdll.dll: timestamp 0x58bf89e8 (rc=VINF_SUCCESS)
1511af8.dc0: New simple heap: #1 0000000000290000 LB 0x400000 (for 1744896 allocation)
1521af8.dc0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
1531af8.dc0: System32: \Device\HarddiskVolume1\Windows\System32
1541af8.dc0: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1551af8.dc0: KnownDllPath: C:\Windows\system32
1561af8.dc0: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1571af8.dc0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1581af8.dc0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1591af8.dc0: Registered Dll notification callback with NTDLL.
1601af8.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
1611af8.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
1621af8.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1631af8.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1641af8.dc0: supR3HardenedDllNotificationCallback: load 00000000775f0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1651af8.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1661af8.dc0: supR3HardenedDllNotificationCallback: load 000007fefd6c0000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1671af8.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
1681af8.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
1691af8.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775f0000 'C:\Windows\system32\kernel32.dll'
1701af8.dc0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007783a360 pvNtTerminateThread=000000007785c260
171ce4.e74: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 22 ms.
1721af8.dc0: \SystemRoot\System32\ntdll.dll:
1731af8.dc0: CreationTime: 2017-05-03T20:37:09.450097400Z
1741af8.dc0: LastWriteTime: 2017-03-08T04:34:53.679171200Z
1751af8.dc0: ChangeTime: 2017-05-03T20:53:26.588413600Z
1761af8.dc0: FileAttributes: 0x20
1771af8.dc0: Size: 0x1a7100
1781af8.dc0: NT Headers: 0xe0
1791af8.dc0: Timestamp: 0x58bf89e8
1801af8.dc0: Machine: 0x8664 - amd64
1811af8.dc0: Timestamp: 0x58bf89e8
1821af8.dc0: Image Version: 6.1
1831af8.dc0: SizeOfImage: 0x1aa000 (1744896)
1841af8.dc0: Resource Dir: 0x14e000 LB 0x5a028
1851af8.dc0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1861af8.dc0: [Raw version resource data: 0x14e0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1871af8.dc0: ProductName: Microsoft® Windows® Operating System
1881af8.dc0: ProductVersion: 6.1.7601.23714
1891af8.dc0: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
1901af8.dc0: FileDescription: NT Layer DLL
1911af8.dc0: \SystemRoot\System32\kernel32.dll:
1921af8.dc0: CreationTime: 2017-05-03T20:37:07.560989300Z
1931af8.dc0: LastWriteTime: 2017-03-08T04:33:07.549000000Z
1941af8.dc0: ChangeTime: 2017-05-03T20:53:27.352814900Z
1951af8.dc0: FileAttributes: 0x20
1961af8.dc0: Size: 0x11c000
1971af8.dc0: NT Headers: 0xe0
1981af8.dc0: Timestamp: 0x58bf8a2d
1991af8.dc0: Machine: 0x8664 - amd64
2001af8.dc0: Timestamp: 0x58bf8a2d
2011af8.dc0: Image Version: 6.1
2021af8.dc0: SizeOfImage: 0x11f000 (1175552)
2031af8.dc0: Resource Dir: 0x116000 LB 0x528
2041af8.dc0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2051af8.dc0: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
2061af8.dc0: ProductName: Microsoft® Windows® Operating System
2071af8.dc0: ProductVersion: 6.1.7601.23714
2081af8.dc0: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
2091af8.dc0: FileDescription: Windows NT BASE API Client DLL
2101af8.dc0: \SystemRoot\System32\KernelBase.dll:
2111af8.dc0: CreationTime: 2017-05-03T20:37:07.882007700Z
2121af8.dc0: LastWriteTime: 2017-03-08T04:33:07.564000000Z
2131af8.dc0: ChangeTime: 2017-05-03T20:53:27.352814900Z
2141af8.dc0: FileAttributes: 0x20
2151af8.dc0: Size: 0x66800
2161af8.dc0: NT Headers: 0xe8
2171af8.dc0: Timestamp: 0x58bf8a2e
2181af8.dc0: Machine: 0x8664 - amd64
2191af8.dc0: Timestamp: 0x58bf8a2e
2201af8.dc0: Image Version: 6.1
2211af8.dc0: SizeOfImage: 0x6a000 (434176)
2221af8.dc0: Resource Dir: 0x68000 LB 0x530
2231af8.dc0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2241af8.dc0: [Raw version resource data: 0x680b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
2251af8.dc0: ProductName: Microsoft® Windows® Operating System
2261af8.dc0: ProductVersion: 6.1.7601.23714
2271af8.dc0: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
2281af8.dc0: FileDescription: Windows NT BASE API Client DLL
2291af8.dc0: \SystemRoot\System32\apisetschema.dll:
2301af8.dc0: CreationTime: 2017-05-03T20:37:00.639593500Z
2311af8.dc0: LastWriteTime: 2017-03-08T04:33:02.304000000Z
2321af8.dc0: ChangeTime: 2017-05-03T20:53:26.557213500Z
2331af8.dc0: FileAttributes: 0x20
2341af8.dc0: Size: 0x1a00
2351af8.dc0: NT Headers: 0xc0
2361af8.dc0: Timestamp: 0x58bf89c7
2371af8.dc0: Machine: 0x8664 - amd64
2381af8.dc0: Timestamp: 0x58bf89c7
2391af8.dc0: Image Version: 6.1
2401af8.dc0: SizeOfImage: 0x50000 (327680)
2411af8.dc0: Resource Dir: 0x30000 LB 0x3f8
2421af8.dc0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2431af8.dc0: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
2441af8.dc0: ProductName: Microsoft® Windows® Operating System
2451af8.dc0: ProductVersion: 6.1.7601.23714
2461af8.dc0: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
2471af8.dc0: FileDescription: ApiSet Schema DLL
2481af8.dc0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2491af8.dc0: supR3HardenedWinFindAdversaries: 0x0
2501af8.dc0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
2511af8.dc0: Calling main()
2521af8.dc0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2531af8.dc0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
2541af8.dc0: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2551af8.dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2561af8.dc0: SUPR3HardenedMain: Respawn #2
2571af8.dc0: supR3HardNtEnableThreadCreation:
2581af8.dc0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
2591af8.dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
2601af8.dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2611af8.dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2621af8.dc0: supR3HardenedDllNotificationCallback: load 000007fefd2c0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2631af8.dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2641af8.dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2c0000 'C:\Windows\system32\apphelp.dll'
2651af8.dc0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007783a360 pvNtTerminateThread=000000007785c260
2661af8.dc0: supR3HardenedWinDoReSpawn(2): New child 16fc.bc4 [kernel32].
2671af8.dc0: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdd000 cbPeb=0x380
2681af8.dc0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077810000 uNtDllChildAddr=0000000077810000
2691af8.dc0: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007783a360
2701af8.dc0: supR3HardenedWinSetupChildInit: Start child.
2711af8.dc0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 2 ms.
2721af8.dc0: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
2731af8.dc0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2741af8.dc0: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
2751af8.dc0: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
2761af8.dc0: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
2771af8.dc0: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
2781af8.dc0: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
2791af8.dc0: 0000000000041000-000000000020ffff 0x0001/0x0000 0x0000000
2801af8.dc0: *0000000000210000-000000000030bfff 0x0000/0x0004 0x0020000
2811af8.dc0: 000000000030c000-000000000030dfff 0x0104/0x0004 0x0020000
2821af8.dc0: 000000000030e000-000000000030ffff 0x0004/0x0004 0x0020000
2831af8.dc0: 0000000000310000-000000007780ffff 0x0001/0x0000 0x0000000
2841af8.dc0: *0000000077810000-0000000077810fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2851af8.dc0: 0000000077811000-000000007790dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2861af8.dc0: 000000007790e000-000000007793cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2871af8.dc0: 000000007793d000-0000000077946fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2881af8.dc0: 0000000077947000-0000000077947fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2891af8.dc0: 0000000077948000-000000007794afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2901af8.dc0: 000000007794b000-00000000779b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2911af8.dc0: 00000000779ba000-000000007efdffff 0x0001/0x0000 0x0000000
2921af8.dc0: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
2931af8.dc0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2941af8.dc0: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
2951af8.dc0: 000000007fff0000-000000013f93ffff 0x0001/0x0000 0x0000000
2961af8.dc0: *000000013f940000-000000013f940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2971af8.dc0: 000000013f941000-000000013f9b0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2981af8.dc0: 000000013f9b1000-000000013f9b1fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2991af8.dc0: 000000013f9b2000-000000013f9f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3001af8.dc0: 000000013f9f8000-000000013f9f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3011af8.dc0: 000000013f9f9000-000000013f9f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3021af8.dc0: 000000013f9fa000-000000013f9fefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3031af8.dc0: 000000013f9ff000-000000013f9fffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3041af8.dc0: 000000013fa00000-000000013fa00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3051af8.dc0: 000000013fa01000-000000013fa04fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3061af8.dc0: 000000013fa05000-000000013fa4cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3071af8.dc0: 000000013fa4d000-000007feffb2ffff 0x0001/0x0000 0x0000000
3081af8.dc0: *000007feffb30000-000007feffb30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
3091af8.dc0: 000007feffb31000-000007fffffaffff 0x0001/0x0000 0x0000000
3101af8.dc0: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
3111af8.dc0: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000
3121af8.dc0: *000007fffffdd000-000007fffffddfff 0x0004/0x0004 0x0020000
3131af8.dc0: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
3141af8.dc0: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
3151af8.dc0: apisetschema.dll: timestamp 0x58bf89c7 (rc=VINF_SUCCESS)
3161af8.dc0: VirtualBox.exe: timestamp 0x5979cfa2 (rc=VINF_SUCCESS)
3171af8.dc0: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3181af8.dc0: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
3191af8.dc0: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
3201af8.dc0: supR3HardNtChildPurify: Done after 283 ms and 0 fixes (loop #0).
3211af8.dc0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000290000 LB 0x400000)
32216fc.bc4: Log file opened: 5.1.26r117224 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
32316fc.bc4: supR3HardenedVmProcessInit: uNtDllAddr=0000000077810000 g_uNtVerCombined=0x611db100
3241af8.dc0: supR3HardNtEnableThreadCreation:
32516fc.bc4: ntdll.dll: timestamp 0x58bf89e8 (rc=VINF_SUCCESS)
32616fc.bc4: New simple heap: #1 0000000000310000 LB 0x400000 (for 1744896 allocation)
32716fc.bc4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
32816fc.bc4: System32: \Device\HarddiskVolume1\Windows\System32
32916fc.bc4: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
33016fc.bc4: KnownDllPath: C:\Windows\system32
33116fc.bc4: supR3HardenedVmProcessInit: Opening vboxdrv...
33216fc.bc4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
33316fc.bc4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
33416fc.bc4: Registered Dll notification callback with NTDLL.
33516fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
33616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
33716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
33816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
33916fc.bc4: supR3HardenedDllNotificationCallback: load 00000000775f0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
34016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
34116fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd6c0000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
34216fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
34316fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775f0000 'C:\Windows\system32\kernel32.dll'
34516fc.bc4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007783a360 pvNtTerminateThread=000000007785c260
3461af8.dc0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 27 ms.
34716fc.bc4: \SystemRoot\System32\ntdll.dll:
34816fc.bc4: CreationTime: 2017-05-03T20:37:09.450097400Z
34916fc.bc4: LastWriteTime: 2017-03-08T04:34:53.679171200Z
35016fc.bc4: ChangeTime: 2017-05-03T20:53:26.588413600Z
35116fc.bc4: FileAttributes: 0x20
35216fc.bc4: Size: 0x1a7100
35316fc.bc4: NT Headers: 0xe0
35416fc.bc4: Timestamp: 0x58bf89e8
35516fc.bc4: Machine: 0x8664 - amd64
35616fc.bc4: Timestamp: 0x58bf89e8
35716fc.bc4: Image Version: 6.1
35816fc.bc4: SizeOfImage: 0x1aa000 (1744896)
35916fc.bc4: Resource Dir: 0x14e000 LB 0x5a028
36016fc.bc4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
36116fc.bc4: [Raw version resource data: 0x14e0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
36216fc.bc4: ProductName: Microsoft® Windows® Operating System
36316fc.bc4: ProductVersion: 6.1.7601.23714
36416fc.bc4: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
36516fc.bc4: FileDescription: NT Layer DLL
36616fc.bc4: \SystemRoot\System32\kernel32.dll:
36716fc.bc4: CreationTime: 2017-05-03T20:37:07.560989300Z
36816fc.bc4: LastWriteTime: 2017-03-08T04:33:07.549000000Z
36916fc.bc4: ChangeTime: 2017-05-03T20:53:27.352814900Z
37016fc.bc4: FileAttributes: 0x20
37116fc.bc4: Size: 0x11c000
37216fc.bc4: NT Headers: 0xe0
37316fc.bc4: Timestamp: 0x58bf8a2d
37416fc.bc4: Machine: 0x8664 - amd64
37516fc.bc4: Timestamp: 0x58bf8a2d
37616fc.bc4: Image Version: 6.1
37716fc.bc4: SizeOfImage: 0x11f000 (1175552)
37816fc.bc4: Resource Dir: 0x116000 LB 0x528
37916fc.bc4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
38016fc.bc4: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
38116fc.bc4: ProductName: Microsoft® Windows® Operating System
38216fc.bc4: ProductVersion: 6.1.7601.23714
38316fc.bc4: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
38416fc.bc4: FileDescription: Windows NT BASE API Client DLL
38516fc.bc4: \SystemRoot\System32\KernelBase.dll:
38616fc.bc4: CreationTime: 2017-05-03T20:37:07.882007700Z
38716fc.bc4: LastWriteTime: 2017-03-08T04:33:07.564000000Z
38816fc.bc4: ChangeTime: 2017-05-03T20:53:27.352814900Z
38916fc.bc4: FileAttributes: 0x20
39016fc.bc4: Size: 0x66800
39116fc.bc4: NT Headers: 0xe8
39216fc.bc4: Timestamp: 0x58bf8a2e
39316fc.bc4: Machine: 0x8664 - amd64
39416fc.bc4: Timestamp: 0x58bf8a2e
39516fc.bc4: Image Version: 6.1
39616fc.bc4: SizeOfImage: 0x6a000 (434176)
39716fc.bc4: Resource Dir: 0x68000 LB 0x530
39816fc.bc4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
39916fc.bc4: [Raw version resource data: 0x680b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
40016fc.bc4: ProductName: Microsoft® Windows® Operating System
40116fc.bc4: ProductVersion: 6.1.7601.23714
40216fc.bc4: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
40316fc.bc4: FileDescription: Windows NT BASE API Client DLL
40416fc.bc4: \SystemRoot\System32\apisetschema.dll:
40516fc.bc4: CreationTime: 2017-05-03T20:37:00.639593500Z
40616fc.bc4: LastWriteTime: 2017-03-08T04:33:02.304000000Z
40716fc.bc4: ChangeTime: 2017-05-03T20:53:26.557213500Z
40816fc.bc4: FileAttributes: 0x20
40916fc.bc4: Size: 0x1a00
41016fc.bc4: NT Headers: 0xc0
41116fc.bc4: Timestamp: 0x58bf89c7
41216fc.bc4: Machine: 0x8664 - amd64
41316fc.bc4: Timestamp: 0x58bf89c7
41416fc.bc4: Image Version: 6.1
41516fc.bc4: SizeOfImage: 0x50000 (327680)
41616fc.bc4: Resource Dir: 0x30000 LB 0x3f8
41716fc.bc4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
41816fc.bc4: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
41916fc.bc4: ProductName: Microsoft® Windows® Operating System
42016fc.bc4: ProductVersion: 6.1.7601.23714
42116fc.bc4: FileVersion: 6.1.7601.23714 (win7sp1_ldr.170307-1800)
42216fc.bc4: FileDescription: ApiSet Schema DLL
42316fc.bc4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
42416fc.bc4: supR3HardenedWinFindAdversaries: 0x0
42516fc.bc4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
42616fc.bc4: Calling main()
42716fc.bc4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
42816fc.bc4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
42916fc.bc4: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
43016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
43116fc.bc4: SUPR3HardenedMain: Final process, opening VBoxDrv...
43216fc.bc4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000310000 LB 0x400000)
43316fc.bc4: supR3HardNtEnableThreadCreation:
43416fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
43516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
43616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b6f1:<flags> [calling]
43716fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
43816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef4f90000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
43916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000308e71:<flags> [calling]
44216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4f90000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000308e71:<flags> [calling]
44516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4f90000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4f90000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
44816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
44916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
45016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
45116fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
45216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
45316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
45416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
45516fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
45616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
45716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
45816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
45916fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
46016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
46116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
46216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
46316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
46416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
46516fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
46616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
46716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
46816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
46916fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
47016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
47116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
47216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
47316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
47416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
47516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
47616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
47716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d501:<flags> [calling]
47816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
47916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd670000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
48016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
48116fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefda70000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
48216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
48316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd740000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
48416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
48516fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd500000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
48616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
48716fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
48816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
48916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd670000 'C:\Windows\system32\Wintrust.dll'
49016fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
49116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
49216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d501:<flags> [calling]
49316fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
49416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefce00000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
49516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
49616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce00000 'C:\Windows\system32\bcrypt.dll'
49716fc.bc4: bcrypt.dll loaded at 000007fefce00000, BCryptOpenAlgorithmProvider at 000007fefce02460, preloading providers:
49816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
49916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
50016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
50116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
50216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
50316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
50416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
50516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
50616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
50716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
50816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
50916fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
51016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
51116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
51216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
51316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
51416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
51516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
51616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
51716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d4e1:<flags> [calling]
51816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
51916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefc8f0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
52016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
52116fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff4d0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
52216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
52316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
52416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
52516fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
52616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
52716fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff130000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
52816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
52916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8f0000 'C:\Windows\system32\bcryptprimitives.dll'
53016fc.bc4: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000089d430)
53116fc.bc4: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000089eb20)
53216fc.bc4: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000089f4d0)
53316fc.bc4: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000089f600)
53416fc.bc4: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000089f730)
53516fc.bc4: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000089f860)
53616fc.bc4: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000089fab0)
53716fc.bc4: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000089fbe0)
53816fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
53916fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
54016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
54116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
54216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
54316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
54416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
54516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
54616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d051:<flags> [calling]
54716fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
54816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefccb0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
54916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
55016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccb0000 'C:\Windows\system32\CRYPTSP.dll'
55116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
55216fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
55316fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
55416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
55516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
55616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
55716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cfe1:<flags> [calling]
55816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
55916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefc9b0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
56016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
56116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\Windows\system32\rsaenh.dll'
56216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
56316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c871:<flags> [calling]
56416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
56516fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
56616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
56716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cbf1:<flags> [calling]
56816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
56916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd320000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
57016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
57116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\CRYPTBASE.dll'
57216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
57316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c621:<flags> [calling]
57416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775f0000 'C:\Windows\system32\kernel32.dll'
57516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
57616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cfb1:<flags> [calling]
57716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd670000 'C:\Windows\system32\WINTRUST.DLL'
57816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
57916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030cde1:<flags> [calling]
58016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd740000 'C:\Windows\system32\CRYPT32.dll'
58116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
58216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
58316fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
58416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
58516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
58616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
58716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
58816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
58916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
59016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
59116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ce31:<flags> [calling]
59216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
59316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefed20000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
59416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
59516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed20000 'C:\Windows\system32\imagehlp.dll'
59616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
59716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cf81:<flags> [calling]
59816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccb0000 'C:\Windows\system32\CRYPTSP.dll'
59916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
60016fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
60116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
60216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
60316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
60416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
60516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
60616fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
60716fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
60816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
60916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
61016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
61116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
61216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
61316fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
61416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
61516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
61616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
61716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
61816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
61916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
62016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
62116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
62216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
62316fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
62416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
62516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
62616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
62716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
62816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
62916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
63016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
63116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
63216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
63316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
63416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
63516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
63616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
63716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
63816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
63916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
64016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cab1:<flags> [calling]
64116fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
64216fc.bc4: supR3HardenedDllNotificationCallback: load 0000000077710000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
64316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
64416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd9f0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
64516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
64616fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefda60000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
64716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
64816fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff060000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
64916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
65016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
65116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bfb1:<flags> [calling]
65216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\gdi32.dll'
65316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
65416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
65516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
65616fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
65716fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
65816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
65916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
66016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
66116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
66216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
66316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
66416fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
66516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
66616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
66716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
66816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
66916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
67016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
67116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
67216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
67316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
67416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
67516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
67616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
67716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
67816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
67916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
68016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
68116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
68216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
68316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
68416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b8f1:<flags> [calling]
68516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
68616fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff9d0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
68716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
68816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefed40000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
68916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
69016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff9d0000 'C:\Windows\system32\IMM32.DLL'
69116fc.bc4: \Device\HarddiskVolume1\Windows\System32\nvinitx.dll: Owner is administrators group.
69216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
69316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
69416fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nvinitx.dll)
69516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nvinitx.dll
69616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
69716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
69816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
69916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
70016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
70116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
70216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b501:<flags> [calling]
70316fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
70416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd430000 LB 0x00031000 C:\Windows\system32\nvinitx.dll [fFlags=0x0]
70516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
70616fc.bc4: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll: Owner is administrators group.
70716fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll)
70816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll
70916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a991:<flags> [calling]
71016fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
71116fc.bc4: supR3HardenedDllNotificationCallback: load 000000000f000000 LB 0x00006000 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll [fFlags=0x0]
71216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
71316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000f000000 'C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll'
71416fc.bc4: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll: Owner is administrators group.
71516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
71616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'detoured.dll'.
71716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
71816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
71916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'setupapi.dll'.
72016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll)
72116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll
72216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
72316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
72416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
72516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
72616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
72716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
72816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
72916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
73016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
73116fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\setupapi.dll)
73216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\setupapi.dll
73316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
73416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
73516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
73616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
73716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
73816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
73916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'detoured.dll'...
74016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'detoured.dll' -> '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll' [rcNtRedir=0xc0150008]
74116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
74216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
74316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
74416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
74516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
74616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume1\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
74716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
74816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
74916fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\devobj.dll)
75016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\devobj.dll
75116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
75216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
75316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
75416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
75516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
75616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
75716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
75816fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll)
75916fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
76016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
76116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
76216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
76316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
76416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
76516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
76616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
76716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
76816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
76916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
77216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
77316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
77416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
77516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
77616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
77716fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll)
77816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
77916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
78016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
78116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
78216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
78316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
78416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
78516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
78616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
78716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
78816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
78916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
79016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
79116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
79216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
79316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
79416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
79516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
79616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
79716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
79816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
79916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
80116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
80216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
80316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
80416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
80516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
80616fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ole32.dll)
80716fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
80816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
80916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
81016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
81116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
81216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
81316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
81416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
81516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
81616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
81716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
81816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
81916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
82016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
82116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
82216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
82316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
82616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a991:<flags> [calling]
82716fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll [lacks WinVerifyTrust]
82816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefb040000 LB 0x0005f000 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll [fFlags=0x0]
82916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll [lacks WinVerifyTrust]
83016fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefdbb0000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
83116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
83216fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd610000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
83316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
83416fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff5b0000 LB 0x000da000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
83516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
83616fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefdd90000 LB 0x001fc000 C:\Windows\system32\ole32.dll [fFlags=0x0]
83716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
83816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd520000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
83916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\devobj.dll [lacks WinVerifyTrust]
84016fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
84116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000309ad1:<flags> [calling]
84216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775f0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
84316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb040000 'C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll'
84416fc.bc4: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll: Owner is administrators group.
84516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'detoured.dll'.
84616fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll)
84716fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll
84816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'detoured.dll'...
84916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'detoured.dll' -> '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll' [rcNtRedir=0xc0150008]
85016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
85116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a961:<flags> [calling]
85216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll [lacks WinVerifyTrust]
85316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefaff0000 LB 0x00046000 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll [fFlags=0x0]
85416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll [lacks WinVerifyTrust]
85516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaff0000 'C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll'
85616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd430000 'C:\Windows\system32\nvinitx.dll'
85716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077710000 'C:\Windows\system32\USER32.dll'
85816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
85916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
86016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
86116fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
86216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
86316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
86416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
86516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
86616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
86716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
86816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
86916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
87016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
87116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
87216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cd81:<flags> [calling]
87316fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
87416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefce30000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
87516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
87616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce30000 'C:\Windows\system32\ncrypt.dll'
87716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
87816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cb71:<flags> [calling]
87916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce00000 'C:\Windows\system32\bcrypt.dll'
88016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
88116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
88216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
88316fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
88416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
88516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
88616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
88716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
88816fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
88916fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
89016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
89116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
89216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
89316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
89416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
89516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
89616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
89716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
89816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
89916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c501:<flags> [calling]
90016fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
90116fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd550000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
90216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
90316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd510000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
90416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
90516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\Windows\system32\USERENV.dll'
90616fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
90716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c261:<flags> [calling]
90816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
90916fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
91016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c5f1:<flags> [calling]
91116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
91216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
91316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
91416fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
91516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
91616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
91716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
91816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
91916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
92016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
92116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
92216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c821:<flags> [calling]
92316fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
92416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefc770000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
92516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
92616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc770000 'C:\Windows\system32\GPAPI.dll'
92716fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
92816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c771:<flags> [calling]
92916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-Management-L1-1-0.dll'
93016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
93116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\rpcrt4.dll'
93216fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
93316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c751:<flags> [calling]
93416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-Management-L2-1-0.dll'
93516fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
93616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c761:<flags> [calling]
93716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
93816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
93916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
94016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
94116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
94216fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
94316fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
94416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
94516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
94616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
94716fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
94816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
94916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
95016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
95116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
95216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
95316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
95416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
95516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
95616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
95716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
95816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
95916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
96016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
96116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c261:<flags> [calling]
96216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
96316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef7df0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
96416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
96516fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff970000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
96616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
96716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
96816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
96916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
97016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
97116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
97216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
97316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
97416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
97516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
97616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
97716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
97816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
97916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
98016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
98116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
98216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
98316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030b461:<flags> [calling]
98416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
98516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
98616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
98716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
98816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
98916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
99016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
99116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
99216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
99316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
99416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
99516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
99616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
99716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7df0000 'C:\Windows\system32\cryptnet.dll'
99816fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
99916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bb81:<flags> [calling]
100016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
100116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
100216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bb81:<flags> [calling]
100316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd510000 'C:\Windows\system32\profapi.dll'
100416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
100516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
100616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
100716fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
100816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
100916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
101016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
101116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
101216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
101316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
101416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
101516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
101616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
101716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
101816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b611:<flags> [calling]
101916fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
102016fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefee50000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
102116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
102216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee50000 'C:\Windows\system32\SHLWAPI.dll'
102316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
102416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000930f80
102516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
102616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=27ADA17901FDEECEAD535B81596987F56AD6E4AB
102716fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
102816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c541:<flags> [calling]
102916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
103016fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
103116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c0a1:<flags> [calling]
103216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-Management-L1-1-0.dll'
103316fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
103416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c0a1:<flags> [calling]
103516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
103616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
103716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c541:<flags> [calling]
103816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
103916fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
104016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c4f1:<flags> [calling]
104116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
104216fc.bc4: supR3HardenedIsApiSetDll: '<NULL>' -> true
104316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c1e1:<flags> [calling]
104416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
104516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\SystemRoot\System32\ntdll.dll'
104616fc.bc4: g_pfnWinVerifyTrust=000007fefd671010
104716fc.bc4: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
104816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
104916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
105016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
105116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3F7F1801DE9BB273EE41D6569071191D49046620
105216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_248_for_KB4015552~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
105316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
105416fc.bc4: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
105516fc.bc4: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
105616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
105716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
105816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
105916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=95764F8F8C0CB58DEAD93486461023910C063BC1
106016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
106116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106216fc.bc4: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
106316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e8 pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
106416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
106516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
106616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
106716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
106816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106916fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
107016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003e0 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
107116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
107216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
107316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
107416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
107516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107616fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
107716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003dc pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
107816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
107916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
108016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C76D763ED1830F4180ADA4E3AD04BE27640F9DB3
108116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
108216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
108316fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
108416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000002bc pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
108516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
108616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
108716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EBDAA16C3FD93DFF9C20BA3B2689DFF4C8D31061
108816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3159398~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
108916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109016fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
109116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000228 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
109216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
109316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
109416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
109516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
109616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109716fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
109816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000224 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
109916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
110016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
110116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
110216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
110316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
110416fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
110516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000020c pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
110616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
110716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
110816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=99C2DF7CA4A34FEB8D11FE3CC55CF52A814B8438
110916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
111016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
111116fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
111216fc.bc4: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'
111316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000210 pwszName=\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll
111416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
111516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
111616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CA2CA10AB007A008B525396A0A02F3D6B0744640
111716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT'; file='\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'
111816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
111916fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'
112016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume1\Windows\System32\ole32.dll
112116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
112216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
112316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FDD9966C52A422D96269F799341A4B3C3369C895
112416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\ole32.dll'
112516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
112616fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ole32.dll'
112716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d0 pwszName=\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
112816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
112916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
113016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
113116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
113216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
113316fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll'
113416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume1\Windows\System32\oleaut32.dll
113516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
113616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
113716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6C3B3967CA9D3D145651C5098BAF1C0EA892DB24
113816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
113916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
114016fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll'
114116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume1\Windows\System32\devobj.dll
114216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
114316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
114416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
114516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\devobj.dll'
114616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
114716fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\devobj.dll'
114816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume1\Windows\System32\setupapi.dll
114916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
115016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
115116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
115216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
115316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
115416fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\setupapi.dll'
115516fc.bc4: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'
115616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll
115716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
115816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
115916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=64561E6DFF1EFB32620BC4316A5DCD352DCE3840
116016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT'; file='\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'
116116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
116216fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'
116316fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll'
116416fc.bc4: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
116516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b4 pwszName=\Device\HarddiskVolume1\Windows\System32\nvinitx.dll
116616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
116716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
116816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CC64E5752CA6FC950A91A79D95B25D78AD95C0A2
116916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT'; file='\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
117016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
117116fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'
117216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
117316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
117416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
117516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6D141A0C50E469CDD81DC8293CF8B3635FE0240E
117616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
117716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
117816fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
117916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
118016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
118116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
118216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
118316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
118416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
118516fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
118616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
118716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
118816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
118916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=ADC813DBDCF1B9FE5F76973E63FBF7AB579B7AB9
119016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
119116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
119216fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
119316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
119416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
119516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
119616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D6702A34E6C6833353B2B5C37E3DD70E8C1DC96
119716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
119816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
119916fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
120016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
120116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
120216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
120316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=92E72626C4FEA50519235FC74881A31BE14DD97E
120416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
120516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
120616fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
120716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
120816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
120916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
121016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03BB259EC2F9D61B0941E0635513FFA135E07009
121116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
121216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
121316fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
121416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
121516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
121616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
121716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
121816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
121916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
122016fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
122116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000134 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
122216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
122316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
122416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1FE2AAE19353114EFAD6FC2D626F5932A83FC81C
122516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
122616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
122716fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
122816fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
122916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
123016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
123116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
123216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CECCA98E04985A576883E9A9AD8AF2140526B576
123316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
123416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
123516fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
123616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
123716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
123816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
123916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
124016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
124116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124216fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
124316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
124416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
124516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
124616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B61BD7AB00EC99B358D487127095C670F63CB9D
124716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_252_for_KB4015552~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
124816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124916fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
125016fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
125116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
125216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
125316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
125416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FE9B6E6FA01E8190391C65F5F70E74690B492166
125516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
125616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
125716fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
125816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
125916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
126016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
126116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
126216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
126316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
126416fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
126516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
126616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
126716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
126816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
126916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
127016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
127116fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
127216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
127316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
127416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
127516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=68C4218E03563F473A6E3D3888875A7B875EF0F3
127616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
127716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
127816fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
127916fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
128016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
128116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
128216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
128316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6B104840B801E369D930B3BE62CD0DF0C609A02E
128416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
128516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
128616fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
128716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
128816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
128916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
129016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7817DACE39DB22C52C646D3D5C827A82149E061E
129116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
129216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
129316fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
129416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
129516fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bfe1:<flags> [calling]
129616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd740000 'C:\Windows\system32\crypt32.dll'
129716fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
129816fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
129916fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
130016fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
130116fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
130216fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
130316fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
130416fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
130516fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
130616fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
130716fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
130816fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
130916fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
131016fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
131116fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
131216fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
131316fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
131416fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
131516fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
131616fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
131716fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
131816fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
131916fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
132016fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
132116fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
132216fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
132316fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
132416fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
132516fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
132616fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
132716fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
132816fc.bc4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
132916fc.bc4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=32
133016fc.bc4: SUPR3HardenedMain: Load Runtime...
133116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
133216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
133316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
133416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
133516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
133616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
133716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
133816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
133916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
134016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
134116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
134216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
134316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
134416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=901DCB8172024F14E25295BF5692180F12FC8C18
134516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\ws2_32.dll'
134616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
134716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
134816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
134916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
135016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll) WinVerifyTrust
135116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
135216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
135316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
135416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
135516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
135616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
135716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
135816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
135916fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
136016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
136116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
136216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
136316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
136416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
136516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
136616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume1\Windows\System32\nsi.dll
136716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
136816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
136916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
137016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\nsi.dll'
137116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
137216fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\nsi.dll) WinVerifyTrust
137316fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\nsi.dll
137416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
137516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
137616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
137716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
137816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c311:<flags> [calling]
137916fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
138016fc.bc4: supR3HardenedDllNotificationCallback: load 000007fed97d0000 LB 0x0053f000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
138116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
138216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
138316fc.bc4: supR3HardenedDllNotificationCallback: load 000000005b850000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
138416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
138516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
138616fc.bc4: supR3HardenedDllNotificationCallback: load 000000005b7b0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
138716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
138816fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff480000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
138916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
139016fc.bc4: supR3HardenedDllNotificationCallback: load 000007feff690000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
139116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
139216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
139316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
139416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
139616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
139716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
139916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
140016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
140216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
140316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
140516fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
140616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
140816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
140916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
141816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
141916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
143616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309a21:<flags> [calling]
143716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
143916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
144016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed97d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
144116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll
144216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030de71:<flags> [calling]
144316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd670000 'C:\Windows\system32\Wintrust.dll'
144416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
144516fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c9c1:<flags> [calling]
144616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd740000 'C:\Windows\system32\crypt32.dll'
144716fc.bc4: SUPR3HardenedMain: Load TrustedMain...
144816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
144916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
145016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
145116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
145216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
145316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
145416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
145516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
145616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
145716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
145816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
145916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
146016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
146116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
146216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
146316fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
146416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
146516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
146616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
146716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000518 pwszName=\Device\HarddiskVolume1\Windows\System32\winmm.dll
146816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
146916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
147016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
147116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winmm.dll'
147216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
147316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
147416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
147516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll) WinVerifyTrust
147616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
147716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
147816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
147916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
148016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
148116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
148216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
148316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
148416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
148516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000500 pwszName=\Device\HarddiskVolume1\Windows\System32\shell32.dll
148616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
148716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
148816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F13C2B4E594038A8834146A1D81AAE9B43ED8649
148916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB3184143~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume1\Windows\System32\shell32.dll'
149016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
149116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
149216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
149316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
149416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
149516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll) WinVerifyTrust
149616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
149716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
149816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
149916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
150016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
150116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
150216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
150316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
150416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
150516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
150616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
150716fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
150816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
150916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
151016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
151116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
151216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
151316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
151416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
151516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
151616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
151716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
151816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
151916fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
152016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
152116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
152216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
152316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
152416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
152516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
152616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
152716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
152816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
152916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
153016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
153116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
153216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
153316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
153416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
153516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
153616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
153716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
153816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
153916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
154016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
154116fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
154216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
154316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
154416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
154516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
154616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
154716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
154816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
154916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
155016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
155116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
155216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
155316fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
155416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
155516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
155616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
155716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
155816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
155916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
156016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
156116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
156216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
156316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
156416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
156516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f0 pwszName=\Device\HarddiskVolume1\Windows\System32\opengl32.dll
156616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
156716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
156816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
156916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\opengl32.dll'
157016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
157116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
157216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
157316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
157416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
157516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
157616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
157716fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll) WinVerifyTrust
157816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
157916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
158016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
158116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
158216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
158316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000520 pwszName=\Device\HarddiskVolume1\Windows\System32\ddraw.dll
158416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
158516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
158616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
158716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\ddraw.dll'
158816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
158916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
159016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
159116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
159216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
159316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
159416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
159516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll) WinVerifyTrust
159616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
159716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
159816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
159916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004fc pwszName=\Device\HarddiskVolume1\Windows\System32\glu32.dll
160016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
160116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
160216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
160316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\glu32.dll'
160416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
160516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
160616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
160716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
160816fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\glu32.dll) WinVerifyTrust
160916fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
161016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
161116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
161216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
161316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
161416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
161516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
161616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
161716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
161816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
161916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
162016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
162116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
162216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
162316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
162416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000548 pwszName=\Device\HarddiskVolume1\Windows\System32\mpr.dll
162516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
162616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
162716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
162816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\mpr.dll'
162916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
163016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mpr.dll) WinVerifyTrust
163116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mpr.dll
163216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
163316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
163416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
163516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
163616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
163716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
163816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
163916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
164016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
164116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
164216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
164316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
164616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
164716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
164816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
164916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
165016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
165116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
165216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
165316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
165416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
165516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
165616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
165716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
165816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
165916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
166016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
166116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
166216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
166316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
166416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
166516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
166616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
166716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
166816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
166916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
167016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
167116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
167216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
167316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
167416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
167516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
167616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
167716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
167816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
167916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
168016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
168116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
168216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
168316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
168416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
168516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
168616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
168716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
168816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
168916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000530 pwszName=\Device\HarddiskVolume1\Windows\System32\comdlg32.dll
169016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
169116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
169216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
169316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\comdlg32.dll'
169416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
169516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
169616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
169716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
169816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
169916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
170016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
170116fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll) WinVerifyTrust
170216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
170316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
170416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
170516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000053c pwszName=\Device\HarddiskVolume1\Windows\System32\winspool.drv
170616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
170716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
170816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
170916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\winspool.drv'
171016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
171116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
171216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
171316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
171416fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winspool.drv) WinVerifyTrust
171516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
171616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
171716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
171816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
171916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
172016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
172116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
172216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
172316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
172416fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
172516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
172616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
172716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
172816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
172916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
173016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
173116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
173216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
173316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
173416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
173516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
173616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
173716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
173816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
173916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
174016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
174116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
174216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
174316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
174416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
174516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
174616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
174716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
174816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
174916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
175016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
175116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
175216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
175316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
175416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
175516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
175616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
175716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
175816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
175916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
176016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
176116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
176216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
176316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
176416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
176516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000560 pwszName=\Device\HarddiskVolume1\Windows\System32\comctl32.dll
176616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
176716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
176816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
176916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\comctl32.dll'
177016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
177116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
177216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
177316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
177416fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll) WinVerifyTrust
177516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
177616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
177716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
177816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
177916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
178016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
178116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
178216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
178316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
178416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
178516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
178616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
178716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
178816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
178916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
179016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
179116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
179216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
179316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
179416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000054c pwszName=\Device\HarddiskVolume1\Windows\System32\dwmapi.dll
179516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
179616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
179716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F3F3D4867E9140896E0742D7EE8AE1D01FE85ECE
179816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\dwmapi.dll'
179916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
180016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
180116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
180216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
180316fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll) WinVerifyTrust
180416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
180516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
180616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
180716fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
180816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
180916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
181016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
181116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
181216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000564 pwszName=\Device\HarddiskVolume1\Windows\System32\dciman32.dll
181316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
181416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
181516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C09D42654C73818EE7FA22AC7B93FB2173B75C5C
181616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_359_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\dciman32.dll'
181716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
181816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
181916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
182016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
182116fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll) WinVerifyTrust
182216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
182316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
182416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
182516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
182616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
182716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
182816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
182916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
183016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
183116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
183216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
183316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
183416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
183516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
183616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
183716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
183816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
183916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
184016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
184116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
184216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
184316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
184416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
184516fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c321:<flags> [calling]
184616fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
184716fc.bc4: supR3HardenedDllNotificationCallback: load 000007fed8ee0000 LB 0x008eb000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
184816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
184916fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
185016fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef3360000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
185116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
185216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
185316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef3330000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
185416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\glu32.dll
185516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
185616fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef3110000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
185716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll
185816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
185916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef3320000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
186016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll
186116fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
186216fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefacc0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
186316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
186416fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
186516fc.bc4: supR3HardenedDllNotificationCallback: load 000000005b240000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
186616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
186716fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefdf90000 LB 0x00d8a000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
186816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
186916fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
187016fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef87f0000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
187116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll
187216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
187316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fed88e0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
187416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
187516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
187616fc.bc4: supR3HardenedDllNotificationCallback: load 000000005acd0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
187716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
187816fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
187916fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef1250000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
188016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
188116fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
188216fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefb480000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
188316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winspool.drv
188416fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefdb10000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
188516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
188616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
188716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
188816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
188916fc.bc4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
189016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
189116fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef9e30000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
189216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
189316fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
189416fc.bc4: supR3HardenedDllNotificationCallback: load 00000000751e0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
189516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
189616fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
189716fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefb550000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
189816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
189916fc.bc4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
190016fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
190116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
190216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
190316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
190416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
190516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
190616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
190716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
190816fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b8c1:<flags> [calling]
190916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff9d0000 'C:\Windows\system32\imm32.dll'
191016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.DLL'
191116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
191216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
191316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\cryptbase.dll'
191416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed8ee0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
191516fc.bc4: SUPR3HardenedMain: Calling TrustedMain (000007fed8ee1610)...
191616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
191716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030dc61:<flags> [calling]
191816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
191916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
192016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll
192116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c341:<flags> [calling]
192216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd510000 'C:\Windows\system32\profapi.dll'
192316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
192416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
192516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
192616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
192716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
192816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
192916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
193016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
193116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
193216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
193316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
193416fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
193516fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
193616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
193716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
193816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
193916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
194016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
194116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
194216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
194316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
194416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
194516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
194616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
194716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
194816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
194916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
195016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
195116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
195216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
195316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
195416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
195516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
195616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
195716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
195816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll
195916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
196016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
196116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
196216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
196316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
196416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
196516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
196616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030e631:<flags> [calling]
196716fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
196816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef0500000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
196916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
197016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0500000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
197116fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
197216fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030e561:<flags> [calling]
197316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd320000 'C:\Windows\system32\CRYPTBASE.dll'
197416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005d4 pwszName=\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
197516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
197616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
197716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
197816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\uxtheme.dll'
197916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
198016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
198116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
198216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
198316fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll) WinVerifyTrust
198416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
198516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
198616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
198716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
198816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
198916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
199016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
199116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030dfc1:<flags> [calling]
199216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
199316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefb590000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
199416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
199516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb590000 'C:\Windows\system32\uxtheme.dll'
199616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
199716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030da01:<flags> [calling]
199816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb590000 'C:\Windows\system32\uxtheme.dll'
199916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
200016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d771:<flags> [calling]
200116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb590000 'C:\Windows\system32\uxtheme.dll'
200216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
200316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d771:<flags> [calling]
200416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb590000 'C:\Windows\system32\uxtheme.dll'
200516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll
200616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030e851:<flags> [calling]
200716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077710000 'C:\Windows\system32\user32.dll'
200816fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
200916fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030e871:<flags> [calling]
201016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
201116fc.bc4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
201216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
201316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
201416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030dea1:<flags> [calling]
201516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefacc0000 'C:\Windows\system32\dwmapi.dll'
201616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
201716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ec91:<flags> [calling]
201816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
201916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
202016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ec91:<flags> [calling]
202116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
202216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
202316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ef71:<flags> [calling]
202416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
202516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
202616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ef41:<flags> [calling]
202716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb590000 'C:\Windows\system32\uxtheme.dll'
202816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\advapi32.dll'
202916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll
203016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030eea1:<flags> [calling]
203116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\Windows\system32\userenv.dll'
203216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll
203316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ef81:<flags> [calling]
203416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000775f0000 'C:\Windows\system32\kernel32.dll'
203516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005ec pwszName=\Device\HarddiskVolume1\Windows\System32\clbcatq.dll
203616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
203716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
203816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
203916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\clbcatq.dll'
204016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
204116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
204216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
204316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
204416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
204516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
204616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
204716fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll) WinVerifyTrust
204816fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
204916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
205016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
205116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
205216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
205316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
205416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
205516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
205616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
205716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
205816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
205916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
206016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
206116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
206216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
206316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
206416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bc11:<flags> [calling]
206516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
206616fc.bc4: supR3HardenedDllNotificationCallback: load 000007feffa80000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
206716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
206816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffa80000 'C:\Windows\system32\CLBCatQ.DLL'
206916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
207016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
207116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030aa61:<flags> [calling]
207216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccb0000 'C:\Windows\system32\CRYPTSP.dll'
207316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000624 pwszName=\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
207416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
207516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
207616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
207716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll'
207816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
207916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
208016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
208116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
208216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
208316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
208416fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a621:<flags> [calling]
208516fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
208616fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd410000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
208716fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\RpcRtRemote.dll
208816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd410000 'C:\Windows\system32\RpcRtRemote.dll'
208916fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
209016fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
209116fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
209216fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
209316fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
209416fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
209516fc.a54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
209616fc.a54: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
209716fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
209816fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
209916fc.a54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
210016fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
210116fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
210216fc.a54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
210316fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
210416fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
210516fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
210616fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
210716fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
210816fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
210916fc.a54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
211016fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
211116fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
211216fc.a54: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004dde741:<flags> [calling]
211316fc.a54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
211416fc.a54: supR3HardenedDllNotificationCallback: load 000007fed83e0000 LB 0x004f7000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
211516fc.a54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
211616fc.a54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed83e0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
211716fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
211816fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
211916fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
212016fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
212116fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
212216fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
212316fc.a54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
212416fc.a54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
212516fc.a54: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
212616fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
212716fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
212816fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
212916fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
213016fc.a54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
213116fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
213216fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
213316fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
213416fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
213516fc.a54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
213616fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
213716fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
213816fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
213916fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
214016fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
214116fc.a54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
214216fc.a54: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ddd1b1:<flags> [calling]
214316fc.a54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
214416fc.a54: supR3HardenedDllNotificationCallback: load 000007fef10c0000 LB 0x000b5000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
214516fc.a54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
214616fc.a54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef10c0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
214716fc.a54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
214816fc.a54: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000004ddd041:<flags> [calling]
214916fc.a54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5b0000 'C:\Windows\system32\oleaut32.dll'
215016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
215116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\gdi32.dll'
215216fc.1fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
215316fc.1fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
215416fc.1fa4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
215516fc.1fa4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
215616fc.1fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
215716fc.1fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
215816fc.1fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
215916fc.1fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
216016fc.1fa4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002a0a051:<flags> [calling]
216116fc.1fa4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
216216fc.1fa4: supR3HardenedDllNotificationCallback: load 000007fef3910000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
216316fc.1fa4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
216416fc.1fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3910000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL'
216516fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
216616fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030aa61:<flags> [calling]
216716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
216816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
216916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
217016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
217116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
217216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5openglvbox.dll'.
217316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5widgetsvbox.dll'.
217416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
217516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
217616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
217716fc.bc4: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000009a0 (hFile=0000000000000998) with 0xc0000022 -> STATUS_TRUST_FAILURE
217816fc.bc4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
217916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009ac pwszName=\Device\HarddiskVolume1\Windows\System32\apphelp.dll
218016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
218116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
218216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=279DFE2A04C40CE4B22260C26A5BB57DF440B52E
218316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3107998~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\apphelp.dll'
218416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
218516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll) WinVerifyTrust
218616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
218716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
218816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
218916fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
219016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
219116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
219216fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
219316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
219416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
219516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
219616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
219716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
219816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
219916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
220016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
220116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
220216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
220316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
220416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
220516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
220616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
220716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shlwapi.dll'.
220816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
220916fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll) WinVerifyTrust
221016fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
221116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
221216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
221316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
221416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
221516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
221616fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
221716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
221816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
221916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
222016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
222116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
222216fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll
222316fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefd2c0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
222416fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll
222516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2c0000 'C:\Windows\system32\apphelp.dll'
222616fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
222716fc.bc4: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000009bc (hFile=00000000000009c8) with 0xc0000022 -> STATUS_TRUST_FAILURE
222816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
222916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
223016fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msctf.dll
223116fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a301:<flags> [calling]
223216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed40000 'C:\Windows\system32\MSCTF.dll'
223316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
223416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
223516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
223616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
223716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000307ea1:<flags> [calling]
223816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5b0000 'C:\Windows\system32\OLEAUT32.dll'
223916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009b8 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
224016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
224116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
224216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
224316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll'
224416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
224516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
224616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
224716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
224816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
224916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
225016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
225116fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
225216fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
225316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
225416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
225516fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
225616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
225716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
225816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
225916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
226016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
226116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
226216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
226316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
226416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009dc pwszName=\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
226516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
226616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
226716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
226816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll'
226916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
227016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
227116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
227216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
227316fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
227416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
227516fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll) WinVerifyTrust
227616fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
227716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
227816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
227916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
228016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
228116fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
228216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
228316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
228416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
228516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
228616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
228716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
228816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
228916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
229016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000003066f1:<flags> [calling]
229116fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
229216fc.bc4: supR3HardenedDllNotificationCallback: load 000007fefaa70000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
229316fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemprox.dll
229416fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
229516fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef1ad0000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
229616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
229716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa70000 'C:\Windows\system32\wbem\wbemprox.dll'
229816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a04 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
229916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
230016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
230116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
230216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll'
230316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
230416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
230516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
230616fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
230716fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
230816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
230916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
231016fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
231116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
231216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
231316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000306381:<flags> [calling]
231416fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
231516fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef1610000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
231616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\wbemsvc.dll
231716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1610000 'C:\Windows\system32\wbem\wbemsvc.dll'
231816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a10 pwszName=\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
231916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
232016fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
232116fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
232216fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll'
232316fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
232416fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
232516fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
232616fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
232716fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
232816fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
232916fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
233016fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
233116fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
233216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
233316fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
233416fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009f8 pwszName=\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
233516fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
233616fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
233716fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
233816fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll'
233916fc.bc4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
234016fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
234116fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
234216fc.bc4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
234316fc.bc4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdsapi.dll) WinVerifyTrust
234416fc.bc4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
234516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
234616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
234716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
234816fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
234916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
235016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
235116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
235216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume1\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
235316fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbemcomn.dll
235416fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
235516fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
235616fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
235716fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
235816fc.bc4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
235916fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
236016fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
236116fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
236216fc.bc4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
236316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000003063c1:<flags> [calling]
236416fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
236516fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef0e80000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
236616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wbem\fastprox.dll
236716fc.bc4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
236816fc.bc4: supR3HardenedDllNotificationCallback: load 000007fef0d20000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
236916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ntdsapi.dll
237016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0e80000 'C:\Windows\system32\wbem\fastprox.dll'
237116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5b0000 'C:\Windows\system32\OLEAUT32.dll'
237216fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
237316fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000306171:<flags> [calling]
237416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\WINMM.dll'
237516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5b0000 'C:\Windows\system32\OLEAUT32.DLL'
237616fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
237716fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
237816fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
237916fc.1744: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
238016fc.1744: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
238116fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
238216fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
238316fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
238416fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
238516fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
238616fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
238716fc.1744: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
238816fc.1744: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
238916fc.1744: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
239016fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
239116fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
239216fc.1744: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
239316fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
239416fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
239516fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
239616fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
239716fc.1744: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
239816fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
239916fc.1744: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
240016fc.1744: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000077fe8f1:<flags> [calling]
240116fc.1744: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
240216fc.1744: supR3HardenedDllNotificationCallback: load 000007fed4b20000 LB 0x002be000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
240316fc.1744: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
240416fc.1744: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
240516fc.1744: supR3HardenedDllNotificationCallback: load 0000000059e00000 LB 0x0010b000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
240616fc.1744: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxREM.dll
240716fc.1744: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed4b20000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
240816fc.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
240916fc.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
241016fc.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
241116fc.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
241216fc.1eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
241316fc.1eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
241416fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
241516fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
241616fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
241716fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
241816fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
241916fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
242016fc.1eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
242116fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
242216fc.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
242316fc.1eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007bedde1:<flags> [calling]
242416fc.1eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
242516fc.1eb4: supR3HardenedDllNotificationCallback: load 000007fef1640000 LB 0x0000b000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
242616fc.1eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
242716fc.1eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1640000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
242816fc.1eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077710000 'C:\Windows\system32\User32.dll'
242916fc.938: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
243016fc.938: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
243116fc.938: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
243216fc.938: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
243316fc.938: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
243416fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
243516fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
243616fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
243716fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
243816fc.938: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
243916fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
244016fc.938: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
244116fc.938: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000844d821:<flags> [calling]
244216fc.938: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
244316fc.938: supR3HardenedDllNotificationCallback: load 000007fef1630000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
244416fc.938: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
244516fc.938: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1630000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
244616fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
244716fc.19e0: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000b04 (hFile=0000000000000b4c) with 0xc0000022 -> STATUS_TRUST_FAILURE
244816fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
244916fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
245016fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
245116fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
245216fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
245316fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
245416fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
245516fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
245616fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll) WinVerifyTrust
245716fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
245816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
245916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
246016fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
246116fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
246216fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
246316fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
246416fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
246516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll' [rcNtRedir=0xc0150008]
246616fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
246716fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
246816fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
246916fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
247016fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
247116fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
247216fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll) WinVerifyTrust
247316fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
247416fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
247516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
247616fc.66c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
247716fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
247816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
247916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
248016fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
248116fc.66c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
248216fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
248316fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
248416fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
248516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
248616fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
248716fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
248816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
248916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
249016fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
249116fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
249216fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
249316fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
249416fc.66c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
249516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
249616fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
249716fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079cdbc1:<flags> [calling]
249816fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
249916fc.66c: supR3HardenedDllNotificationCallback: load 000007fef07d0000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL [fFlags=0x0]
250016fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
250116fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
250216fc.66c: supR3HardenedDllNotificationCallback: load 000007fef12d0000 LB 0x0002f000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [fFlags=0x0]
250316fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
250416fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
250516fc.66c: supR3HardenedDllNotificationCallback: load 000007fef1220000 LB 0x00026000 C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll [fFlags=0x0]
250616fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
250716fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef07d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
250816fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
250916fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079cea01:<flags> [calling]
251016fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1220000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
251116fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
251216fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
251316fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll) WinVerifyTrust
251416fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
251516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
251616fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
251716fc.66c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
251816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
251916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
252016fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079ce9a1:<flags> [calling]
252116fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
252216fc.66c: supR3HardenedDllNotificationCallback: load 000007fef12b0000 LB 0x0001a000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll [fFlags=0x0]
252316fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
252416fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef12b0000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
252516fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
252616fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079cc9a1:<flags> [calling]
252716fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
252816fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32/opengl32.dll'
252916fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
253016fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079ce4f1:<flags> [calling]
253116fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
253216fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\gdi32.dll'
253316fc.66c: \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll: Owner is administrators group.
253416fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b98 pwszName=\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
253516fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
253616fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
253716fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DACE9F70B806F1B512CE9710F53535A151CBD3EB
253816fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT'; file='\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll'
253916fc.66c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
254016fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
254116fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'igdusc64.dll'.
254216fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
254316fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
254416fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
254516fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'dwmapi.dll'.
254616fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ig75icd64.dll) WinVerifyTrust
254716fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
254816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
254916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
255016fc.66c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
255116fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
255216fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
255316fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
255416fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
255516fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
255616fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
255716fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'igdusc64.dll'...
255816fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'igdusc64.dll' -> '\Device\HarddiskVolume1\Windows\System32\igdusc64.dll' [rcNtRedir=0xc0150008]
255916fc.66c: \Device\HarddiskVolume1\Windows\System32\igdusc64.dll: Owner is administrators group.
256016fc.66c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Windows\System32\igdusc64.dll'
256116fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ba8 pwszName=\Device\HarddiskVolume1\Windows\System32\igdusc64.dll
256216fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
256316fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
256416fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=74DEF153B4540FC4CFBF9A4729D2CBE69606CA4D
256516fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT'; file='\Device\HarddiskVolume1\Windows\System32\igdusc64.dll'
256616fc.66c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
256716fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\igdusc64.dll) WinVerifyTrust
256816fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
256916fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
257016fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
257116fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig75icd64.dll (Input=ig75icd64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079cdd21:<flags> [calling]
257216fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
257316fc.66c: supR3HardenedDllNotificationCallback: load 000007fed42f0000 LB 0x00827000 C:\Windows\system32\ig75icd64.dll [fFlags=0x0]
257416fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ig75icd64.dll
257516fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
257616fc.66c: supR3HardenedDllNotificationCallback: load 000007fef3f60000 LB 0x00462000 C:\Windows\system32\igdusc64.dll [fFlags=0x0]
257716fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\igdusc64.dll
257816fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed42f0000 'C:\Windows\system32\ig75icd64.dll'
257916fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\gdi32.dll'
258016fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd9f0000 'C:\Windows\system32\gdi32.dll'
258116fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bc8 pwszName=\Device\HarddiskVolume1\Windows\System32\version.dll
258216fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
258316fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
258416fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
258516fc.66c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\version.dll'
258616fc.66c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
258716fc.66c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
258816fc.66c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\version.dll) WinVerifyTrust
258916fc.66c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\version.dll
259016fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
259116fc.66c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
259216fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079ce1f1:<flags> [calling]
259316fc.66c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
259416fc.66c: supR3HardenedDllNotificationCallback: load 000007fefc580000 LB 0x0000c000 C:\Windows\system32\version.dll [fFlags=0x0]
259516fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll
259616fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc580000 'C:\Windows\system32\version.dll'
259716fc.66c: supR3HardenedDllNotificationCallback: Unload 000007fefc580000 LB 0x0000c000 C:\Windows\system32\version.dll [flags=0x0]
259816fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
259916fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260016fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260116fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260216fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260316fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260416fc.66c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll
260516fc.66c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000079ce8c1:<flags> [calling]
260616fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260716fc.66c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3360000 'C:\Windows\system32\OPENGL32.dll'
260816fc.1af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
260916fc.1af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
261016fc.1af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
261116fc.1af4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
261216fc.1af4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
261316fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
261416fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
261516fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
261616fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
261716fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
261816fc.1af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
261916fc.1af4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000b22d701:<flags> [calling]
262016fc.1af4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
262116fc.1af4: supR3HardenedDllNotificationCallback: load 000007fef1210000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
262216fc.1af4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
262316fc.1af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1210000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
262416fc.a10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
262516fc.a10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
262616fc.a10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
262716fc.a10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
262816fc.a10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
262916fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
263016fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
263116fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
263216fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
263316fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
263416fc.a10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
263516fc.a10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000b38dd01:<flags> [calling]
263616fc.a10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
263716fc.a10: supR3HardenedDllNotificationCallback: load 000007fef1190000 LB 0x0000b000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
263816fc.a10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
263916fc.a10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1190000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
264016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\Shell32.dll'
264116fc.19e0: supR3HardenedIsApiSetDll: '<NULL>' -> true
264216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000007ce9441:<flags> [calling]
264316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
264416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
264516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceb771:<flags> [calling]
264616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed4b20000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
264716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
264816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
264916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
265016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
265116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
265216fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
265316fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
265416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
265516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
265616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
265716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
265816fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll
265916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
266016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
266116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
266216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
266316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
266416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
266516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cec921:<flags> [calling]
266616fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
266716fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0450000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
266816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
266916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0450000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
267016fc.19e0: supR3HardenedDllNotificationCallback: Unload 000007fef0450000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
267116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
267216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
267316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
267416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
267516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
267616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
267716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
267816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
267916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
268016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
268116fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
268216fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
268316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
268416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
268516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d04 pwszName=\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
268616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
268716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
268816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
268916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL'
269016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
269116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
269216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
269316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
269416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
269516fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
269616fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
269716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
269816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
269916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
270016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
270116fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
270216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
270316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
270416fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
270516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
270616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
270716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
270816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
270916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
271016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
271116fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
271216fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
271316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
271416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
271516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
271616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
271716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
271816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
271916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
272016fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
272116fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
272216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
272316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
272416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
272516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
272616fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
272716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
272816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
272916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
273016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
273116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
273216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
273316fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
273416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
273516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
273616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
273716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
273816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
273916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
274016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
274116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
274216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
274316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
274416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
274516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
274616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
274716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
274816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ce8 pwszName=\Device\HarddiskVolume1\Windows\System32\winnsi.dll
274916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
275016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
275116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
275216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\winnsi.dll'
275316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
275416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
275516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
275616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
275716fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winnsi.dll) WinVerifyTrust
275816fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winnsi.dll
275916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
276016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
276116fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
276216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
276316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
276416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
276516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
276616fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
276716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
276816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
276916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
277016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
277116fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced931:<flags> [calling]
277216fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
277316fc.19e0: supR3HardenedDllNotificationCallback: load 000007fed3930000 LB 0x009b2000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
277416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD.dll
277516fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
277616fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef04a0000 LB 0x00058000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
277716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDDU.dll
277816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
277916fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0180000 LB 0x0005d000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
278016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
278116fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
278216fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefab60000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
278316fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
278416fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
278516fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefa8c0000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
278616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winnsi.dll
278716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed3930000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
278816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
278916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced931:<flags> [calling]
279016fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
279116fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0400000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
279216fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
279316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0400000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
279416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxC.dll
279516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced931:<flags> [calling]
279616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed83e0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
279716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxDD2.dll
279816fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced841:<flags> [calling]
279916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0180000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
280016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
280116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
280216fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
280316fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
280416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
280516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
280616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
280716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
280816fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced841:<flags> [calling]
280916fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
281016fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef10a0000 LB 0x0001e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
281116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
281216fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef10a0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
281316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
281416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
281516fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
281616fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
281716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
281816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
281916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
282016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
282116fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced841:<flags> [calling]
282216fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
282316fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0fc0000 LB 0x00017000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
282416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
282516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0fc0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
282616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
282716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
282816fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
282916fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
283016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
283116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
283216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
283316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
283416fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced841:<flags> [calling]
283516fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
283616fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0480000 LB 0x00017000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
283716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
283816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0480000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
283916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
284016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
284116fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
284216fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
284316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
284416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
284516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
284616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
284716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced841:<flags> [calling]
284816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
284916fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef0460000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
285016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
285116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0460000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
285216fc.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
285316fc.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
285416fc.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
285516fc.1e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
285616fc.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
285716fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
285816fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
285916fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
286016fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
286116fc.1e14: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxVMM.dll
286216fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
286316fc.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
286416fc.1e14: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
286516fc.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000e95d8a1:<flags> [calling]
286616fc.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
286716fc.1e14: supR3HardenedDllNotificationCallback: load 000007fef1180000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
286816fc.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
286916fc.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1180000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
287016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed4b20000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
287116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
287216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
287316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
287416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
287516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
287616fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
287716fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
287816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
287916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
288016fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
288116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
288216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
288316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
288416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
288516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
288616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
288716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
288816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
288916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceef71:<flags> [calling]
289016fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
289116fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef01e0000 LB 0x000e5000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
289216fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
289316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef01e0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
289416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
289516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced741:<flags> [calling]
289616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefab60000 'C:\Windows\system32\Iphlpapi.dll'
289716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db0 pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
289816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
289916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
290016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
290116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll'
290216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
290316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
290416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
290516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
290616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
290716fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll) WinVerifyTrust
290816fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
290916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
291016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume1\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
291116fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\nsi.dll
291216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
291316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
291416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
291516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
291616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
291716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
291816fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee8e1:<flags> [calling]
291916fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
292016fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefa820000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
292116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc.dll
292216fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa820000 'C:\Windows\system32\dhcpcsvc.DLL'
292316fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
292416fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee541:<flags> [calling]
292516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefab60000 'C:\Windows\system32\IPHLPAPI.DLL'
292616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d98 pwszName=\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
292716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
292816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
292916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A719769A21133C3F89F7BEA09AB706365F35DF8F
293016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll'
293116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
293216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
293316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
293416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
293516fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll) WinVerifyTrust
293616fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
293716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
293816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
293916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
294016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
294116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
294216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
294316fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee891:<flags> [calling]
294416fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
294516fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefa800000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
294616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dhcpcsvc6.dll
294716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa800000 'C:\Windows\system32\dhcpcsvc6.DLL'
294816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\IPHLPAPI.DLL
294916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee5b1:<flags> [calling]
295016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefab60000 'C:\Windows\system32\IPHLPAPI.DLL'
295116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e50 pwszName=\Device\HarddiskVolume1\Windows\System32\dsound.dll
295216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
295316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
295416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
295516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\dsound.dll'
295616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
295716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
295816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
295916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
296016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
296116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
296216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
296316fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dsound.dll) WinVerifyTrust
296416fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dsound.dll
296516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
296616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume1\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
296716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e54 pwszName=\Device\HarddiskVolume1\Windows\System32\powrprof.dll
296816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
296916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
297016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
297116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\powrprof.dll'
297216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
297316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
297416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
297516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
297616fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\powrprof.dll) WinVerifyTrust
297716fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\powrprof.dll
297816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
297916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
298016fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
298116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
298216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
298316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
298416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
298516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
298616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
298716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
298816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
298916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
299016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
299116fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
299216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
299316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
299416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
299516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
299616fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced671:<flags> [calling]
299716fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
299816fc.19e0: supR3HardenedDllNotificationCallback: load 000007fef37b0000 LB 0x00088000 C:\Windows\System32\dsound.dll [fFlags=0x0]
299916fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
300016fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
300116fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefc300000 LB 0x0002c000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
300216fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\powrprof.dll
300316fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
300416fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cec9b1:<flags> [calling]
300516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef37b0000 'C:\Windows\System32\dsound.dll'
300616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef37b0000 'C:\Windows\System32\dsound.dll'
300716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
300816fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced791:<flags> [calling]
300916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef37b0000 'C:\Windows\system32\dsound.dll'
301016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e58 pwszName=\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
301116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
301216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
301316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
301416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll'
301516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
301616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
301716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
301816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
301916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
302016fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll) WinVerifyTrust
302116fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
302216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
302316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume1\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
302416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e7c pwszName=\Device\HarddiskVolume1\Windows\System32\propsys.dll
302516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
302616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
302716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
302816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\propsys.dll'
302916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
303016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
303116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
303216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
303316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
303416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
303516fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\propsys.dll) WinVerifyTrust
303616fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\propsys.dll
303716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
303816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
303916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
304016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
304116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
304216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
304316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
304416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
304516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
304616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
304716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
304816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
304916fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
305016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
305116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
305216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
305316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
305416fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced141:<flags> [calling]
305516fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
305616fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefc2b0000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
305716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
305816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
305916fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefbd00000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
306016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\propsys.dll
306116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll
306216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cec5b1:<flags> [calling]
306316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4d0000 'C:\Windows\system32\ADVAPI32.dll'
306416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc2b0000 'C:\Windows\System32\MMDevApi.dll'
306516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
306616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\setupapi.dll
306716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced471:<flags> [calling]
306816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdbb0000 'C:\Windows\system32\SETUPAPI.dll'
306916fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
307016fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee391:<flags> [calling]
307116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee50000 'C:\Windows\system32\SHLWAPI.dll'
307216fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
307316fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee5b1:<flags> [calling]
307416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc2b0000 'C:\Windows\system32\MMDEVAPI.DLL'
307516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
307616fc.20c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
307716fc.20c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000188ef471:<flags> [calling]
307816fc.20c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd610000 'C:\Windows\system32\CFGMGR32.dll'
307916fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
308016fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee1e1:<flags> [calling]
308116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
308216fc.19e0: supR3HardenedIsApiSetDll: '<NULL>' -> true
308316fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000007cee041:<flags> [calling]
308416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-Management-L1-1-0.dll'
308516fc.19e0: supR3HardenedIsApiSetDll: '<NULL>' -> true
308616fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000007cee041:<flags> [calling]
308716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
308816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\RPCRT4.dll'
308916fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
309016fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee0a1:<flags> [calling]
309116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc2b0000 'C:\Windows\system32\MMDevAPI.DLL'
309216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000eb4 pwszName=\Device\HarddiskVolume1\Windows\System32\wdmaud.drv
309316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
309416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
309516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
309616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\wdmaud.drv'
309716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
309816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
309916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
310016fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
310116fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
310216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
310316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
310416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
310516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
310616fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\wdmaud.drv) WinVerifyTrust
310716fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
310816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
310916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
311016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000eb8 pwszName=\Device\HarddiskVolume1\Windows\System32\avrt.dll
311116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
311216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
311316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
311416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\avrt.dll'
311516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
311616fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\avrt.dll) WinVerifyTrust
311716fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\avrt.dll
311816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
311916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
312016fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
312116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
312216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume1\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
312316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ed4 pwszName=\Device\HarddiskVolume1\Windows\System32\ksuser.dll
312416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
312516fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
312616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D99CFB3BFCA1F454FC7109DB98D18923ABBA361
312716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB3110329~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\ksuser.dll'
312816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
312916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
313016fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ksuser.dll) WinVerifyTrust
313116fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ksuser.dll
313216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
313316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
313416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
313516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
313616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
313716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
313816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
313916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
314016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
314116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
314216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
314316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
314416fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cedc11:<flags> [calling]
314516fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
314616fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefb500000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
314716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
314816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
314916fc.19e0: supR3HardenedDllNotificationCallback: load 0000000075260000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
315016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ksuser.dll
315116fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
315216fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefc150000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
315316fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\avrt.dll
315416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
315516fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
315616fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cedc11:<flags> [calling]
315716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
315816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
315916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddc1:<flags> [calling]
316016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
316116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
316216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddc1:<flags> [calling]
316316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
316416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
316516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddc1:<flags> [calling]
316616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
316716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ef0 pwszName=\Device\HarddiskVolume1\Windows\System32\AudioSes.dll
316816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
316916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
317016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A3BDEC1E955295C342E14C90909598248B24E5B
317116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_107_for_KB4015549~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume1\Windows\System32\AudioSes.dll'
317216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
317316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
317416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
317516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
317616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
317716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
317816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
317916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
318016fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\AudioSes.dll) WinVerifyTrust
318116fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
318216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
318316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
318416fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
318516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
318616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
318716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
318816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
318916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
319016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
319116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
319216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
319316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
319416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
319516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
319616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
319716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddd1:<flags> [calling]
319816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
319916fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefb400000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
320016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
320116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb400000 'C:\Windows\system32\AUDIOSES.DLL'
320216fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
320316fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddc1:<flags> [calling]
320416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
320516fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\wdmaud.drv
320616fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ceddc1:<flags> [calling]
320716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
320816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb500000 'C:\Windows\system32\wdmaud.drv'
320916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ef4 pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.drv
321016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
321116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
321216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
321316fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.drv'
321416fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
321516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
321616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
321716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
321816fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
321916fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
322016fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.drv) WinVerifyTrust
322116fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.drv
322216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
322316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
322416fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\MMDevAPI.dll
322516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
322616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
322716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000efc pwszName=\Device\HarddiskVolume1\Windows\System32\msacm32.dll
322816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
322916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
323016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
323116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\msacm32.dll'
323216fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
323316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
323416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
323516fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
323616fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
323716fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
323816fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msacm32.dll) WinVerifyTrust
323916fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msacm32.dll
324016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
324116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
324216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
324316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
324416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
324516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
324616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
324716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
324816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
324916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
325016fc.19e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll
325116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
325216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
325316fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
325416fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
325516fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
325616fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
325716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cedbc1:<flags> [calling]
325816fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
325916fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefb3f0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
326016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
326116fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
326216fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefb3d0000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
326316fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.dll
326416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
326516fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
326616fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
326716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
326816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
326916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
327016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
327116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
327216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
327316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
327416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
327516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
327616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
327716fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
327816fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
327916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
328016fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msacm32.drv
328116fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced5c1:<flags> [calling]
328216fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
328316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
328416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
328516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3f0000 'C:\Windows\system32\msacm32.drv'
328616fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000edc pwszName=\Device\HarddiskVolume1\Windows\System32\midimap.dll
328716fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
328816fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
328916fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
329016fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume1\Windows\System32\midimap.dll'
329116fc.19e0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
329216fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
329316fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
329416fc.19e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
329516fc.19e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\midimap.dll) WinVerifyTrust
329616fc.19e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\midimap.dll
329716fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
329816fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
329916fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
330016fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
330116fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
330216fc.19e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
330316fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cedbc1:<flags> [calling]
330416fc.19e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
330516fc.19e0: supR3HardenedDllNotificationCallback: load 000007fefb3c0000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
330616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
330716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\midimap.dll'
330816fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
330916fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced591:<flags> [calling]
331016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\midimap.dll'
331116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
331216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced591:<flags> [calling]
331316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\midimap.dll'
331416fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\midimap.dll
331516fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cedbc1:<flags> [calling]
331616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\midimap.dll'
331716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
331816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
331916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
332016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd90000 'C:\Windows\system32\ole32.dll'
332116fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
332216fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007cee1e1:<flags> [calling]
332316fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
332416fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
332516fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
332616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
332716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced781:<flags> [calling]
332816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef37b0000 'C:\Windows\system32\dsound.dll'
332916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
333016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
333116fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
333216fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
333316fc.e48: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\AudioSes.dll
333416fc.e48: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000190ede71:<flags> [calling]
333516fc.e48: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb400000 'C:\Windows\System32\audioses.dll'
333616fc.19e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dsound.dll
333716fc.19e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000007ced961:<flags> [calling]
333816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef37b0000 'C:\Windows\system32\dsound.dll'
333916fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
334016fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed4b20000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
334116fc.1744: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff5b0000 'C:\Windows\system32\OLEAUT32.dll'
334216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
334316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
334416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
334516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
334616fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
334716fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309891:<flags> [calling]
334816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
334916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
335016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
335816fc.1e84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
335916fc.1e84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000080df421:<flags> [calling]
336016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
336916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
337916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
338916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339216fc.1e84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll
339316fc.1e84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000080df3a1:<flags> [calling]
339416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339616fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339716fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339816fc.19e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
339916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
340016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
340116fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001030 pwszName=\Device\HarddiskVolume1\Windows\System32\mswsock.dll
340216fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
340316fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
340416fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A0B91C962716871F5DE8282805DA288326E03A9F
340516fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\mswsock.dll'
340616fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
340716fc.10fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
340816fc.10fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
340916fc.10fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
341016fc.10fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
341116fc.10fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mswsock.dll) WinVerifyTrust
341216fc.10fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mswsock.dll
341316fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
341416fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
341516fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
341616fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
341716fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
341816fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
341916fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
342016fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
342116fc.10fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000947ef51:<flags> [calling]
342216fc.10fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
342316fc.10fc: supR3HardenedDllNotificationCallback: load 000007fefcc50000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
342416fc.10fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mswsock.dll
342516fc.10fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc50000 'C:\Windows\system32\mswsock.dll'
342616fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000101c pwszName=\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
342716fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000930f80
342816fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000930f80
342916fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
343016fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL'
343116fc.10fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
343216fc.10fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
343316fc.10fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL) WinVerifyTrust
343416fc.10fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
343516fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
343616fc.10fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
343716fc.10fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000947f0f1:<flags> [calling]
343816fc.10fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
343916fc.10fc: supR3HardenedDllNotificationCallback: load 000007fefc650000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
344016fc.10fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\WSHTCPIP.DLL
344116fc.10fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc650000 'C:\Windows\System32\wshtcpip.dll'
344216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
344916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
345916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
346916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347716fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347816fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
347916fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348016fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348116fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348216fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348316fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348416fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348516fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348616fc.1e84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb550000 'C:\Windows\system32\winmm.dll'
348716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
348816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
348916fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349016fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349716fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349816fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
349916fc.bc4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll
350016fc.bc4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000307b51:<flags> [calling]
350116fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
350216fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
350316fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
350416fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
350516fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
350616fc.bc4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf90000 'C:\Windows\system32\shell32.dll'
35071af8.dc0: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 216421 ms, the end);
3508ce4.e74: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 216755 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy